LOS ANGELES, CA Deloitte
LEARN MORE / APPLY
The Senior SOC Analyst team member is responsible for the analysis of all technology devices which may include Operational Technology (OT) and Industrial Control Systems (ICS) within enterprise. This includes analytical analysis of device communication, forensic analysis of Windows or Linux systems and servers, timeline analysis of activity on these endpoints, user permission and authentication audits, log analysis, and malware identification/triage.
An ideal candidate for this position will be a proactive self-starter who has experience with system administration, Windows and Linux operating systems (OS) mechanics and filesystem structures, disk and memory forensics, commonly abused tools/vectors for persistence, privilege escalation, and lateral movement, operating system log analysis, and triaging suspicious file artifacts for unusual behavior, with respect to the environment they are found in. This role requires a familiarity with what routine OS activities and common software/user behavior looks like in the context of forensic artifacts or timelines. Analysts should also be familiar with common categories and formats of host-based indicators of compromise (IOCs) and how/where they can be leveraged to identify known-bad files/activity on an endpoint. Candidate will utilize the Cyber Kill Chain and synthesize the entire attack life cycle along with creating detailed reports on how impacts may or have occurred.
As a senior role candidate will review and provide feedback to journeyman and junior analysts’ investigation and facilitate discussions on recommendations on improving SOC visibility, efficiency, and/or processes. Work you’ll do
Support client leaders in establishing and managing a Security Operations Center (SOC) to provide a secure environment that facilitates incident response and threat hunting activities.
Provide oversight over more junior cyber analysts and assist client with prioritization and milestone tracking for efforts related to the SOC
Manage the security information and event management (SIEM) platform to monitor for security alerts and coordinate vulnerability assessments and artifact collection across servers and network devices
Evaluate network structures and device configurations for security risks, offering recommendations based on best practices, and gather data to identify and respond to network intrusions
Analyze network traffic and system logs to identify malicious activities, vulnerabilities exploited, and methods used, and develop processes to enhance SOC response and efficiency
Conduct comprehensive technical analyses of computer evidence, research and integrate new security tools into the SOC, and synthesize findings into reports for both technical and non-technical audiences
Qualifications
Required:
Must have an active Secret Clearance to be considered
Bachelor’s Degree in IT/Cybersecurity related field
At least 5 years of experience in security operations, demonstrating leadership in customer-facing roles
Proficient in analyzing cyber-attacks, with a deep understanding of attack classifications, stages, system/application vulnerabilities, and compliance with Department of Defense (DoD) policies and procedures
Extensive knowledge of network topologies, protocols (e.g., TCP/IP, ICMP, HTTP/S, DNS, SSH, SMTP, SMB), and experience with tools like Palo Alto, Elastic SIEM, Cribl, Splunk, VMware, Security Center
Capable of attack reconstruction based on network traffic, integrating Threat Intelligence, and familiar with MITRE ATT&CK framework, with the ability to collaborate effectively across multiple locations
Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future
Preferred:
Knowledge of Operational Technology (OT) or Industrial Control Systems (ICS)
Strong analytical and troubleshooting skills
Able to provide expert content development in Splunk Enterprise Security using tstats and data models
Understands how to utilize knowledge of latest threats and attack vectors to develop correlation rules for continuous monitoring on various security appliances
Experience in other tools and communication languages as applicable such as Nessus, Endgame, CrowdStrike, Gray Noise, Shodan, Bacnet, MODBus, SCADA systems, and PCAP
Review logs to determine if relevant data is present to accelerate against data models to work with existing use cases
Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), or relevant IT technology certification
Examples of other certifications include:
CERT Certified Computer Security Incident Handler,
ECC CEH (Electronic Commerce Council Certified Ethical Hacker)
GCIH (GIAC Certified Incident Handler)
GISF (GIAC Information Security Fundamentals)
CISSP (Certified Information System Security Professional)
Additional certifications at an equivalent may also be considered.
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $102,750 to $171,250.
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
Information for applicants with a need for accommodation: https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.html
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
S:CLZWESTCA
LEARN MORE / APPLY
Deloitte
Job Hiring / LOS ANGELES, CA / Security Operations Center (SOC) Cyber Analyst (Active Secret Clearance, Pt. Hueneme, CA) / Deloitte >> APPLY/LEARN MORE >> https://de.jobsyn.org/a6232e1d5d2847209051a580b4162cfe8003 >> #job #jobs #hiring #BGJobs
+++++++++++++++
? Looking for more jobs like this? Find more at CareerOneStop, sponsored by the U.S. Department of Labor Employment and Training Administration.
+++++++++++++++
US Work-eligible
LOS ANGELES, CA
