Atos

Security Operations Center Analyst

Atos

full-time

Posted on:

Location Type: Hybrid

Location: Plano • Texas • 🇺🇸 United States

Visit company website
AI Apply
Apply

Salary

💰 $149,531 - $150,531 per year

Job Level

Mid-LevelSenior

Tech Stack

AWSAzureCloudCyber SecurityDNSTCP/IP

About the role

  • Analyze logs, network traffic, and other data to identify potential security threats and vulnerabilities.
  • Respond to security incidents by investigating and mitigating threats.
  • Perform root cause analysis and document findings.
  • Coordinate with other teams to contain and remediate incidents.
  • Gather and analyze threat intelligence to stay updated on the latest threats and attack vectors.
  • Use threat intelligence to enhance detection and response capabilities.
  • Conduct regular vulnerability assessments and scans.
  • Prioritize and remediate identified vulnerabilities to reduce the attack surface.
  • Configure and maintain security tools and technologies by maintaining use cases, triage rules, IOA rules, and IOC lists on MDR applications and endpoint devices.
  • Create detailed reports on security incidents, vulnerabilities, and overall security posture.
  • Maintain accurate and up-to-date documentation of security processes and incidents.
  • Continuously monitor security alerts and events from various MDR applications
  • Perform threat hunting using various TH models which are built using AI and machine learning algorithms to detect anomalies in the environment and check for various attacks like data exfiltration, malware beaconing, DGA, DOS, suspicious logins, etc.
  • Routinely conduct investigations of the collected logs and security use case findings to further improve, refine, and enhance threat-hunting models and use cases.
  • Contribute to the tuning and developing threat-hunting models and SIEM use cases to enhance threat detection capabilities.
  • Execute threat hunts by proactively and iteratively searching through networks to detect and isolate cyber threats under the supervision of the other threat hunters.
  • Work with the Threat Intelligence feeds and solutions to identify threats, develop or recommend countermeasures, and perform advanced network and host analysis in the event of a compromise.
  • Accurately interpret and evaluate raw network traffic and network-based alerts.
  • Search for cyber threats and risks hiding inside the data before attacks occur.
  • Gather as much information on threat behavior, goals, and methods as possible.
  • Leverage internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure.
  • Maintain awareness within the threat intelligence community of vulnerabilities being exploited and provide comprehensive assessments of the impact on our environment.
  • Translate TI feeds into detection and hunting strategies, hypotheses, and queries.
  • Utilize tools and advanced techniques to hunt and identify threats and actor groups and their motives, techniques, tools, and methods.
  • Identify anomalous behavior on the network or endpoint devices and be able to provide an assessment of malware behavior.
  • Work in a 24x7 Security Operation Center (SOC) environment.
  • Security Log analysis to detect attack origin, attack spread, attacker details, incident details.
  • Incident Response when analysis confirms actionable incident.
  • Analyze and respond to previously undisclosed software and hardware vulnerabilities.

Requirements

  • Bachelor’s degree in Computer Science.
  • Five (5) years in any occupation with cyber security experience.
  • Five (5) years in any occupation with cyber security experience must include: SIEM and other security tools such as Firewall, EDR, Proxy, AIsaac MDR, CrowdStrike, or other;
  • MDR SOC model and MDR Operations;
  • Advanced MDR applications such as CrowdStrike Falcon, SentinelOne, AIsaac etc.;
  • Vulnerability management tools such as Nessus, Qualys, or OpenVAS;
  • Networking concepts (TCP/IP, DNS, HTTP/HTTPS, VPNs);
  • Experience with threat intelligence platforms (TIPs) and frameworks such as MITRE ATT&CK;
  • Threat Hunting using applications such as CrowdStrike OverWatch, AIsaac MDR, or other;
  • Experience on cloud platforms (AWS, Azure, Google Cloud) and their security features;
  • Frameworks such as GDPR, HIPAA, PCI-DSS, and NIST Cybersecurity Framework;
  • and Experience analyzing large datasets to detect anomalies or malicious behavior.
  • ALTERNATE EDUCATION/EXPERIENCE REQUIREMENT: Employer will accept a Master’s degree in Computer Science and three (3) years in any occupation with cyber security experience. Must have skills listed above.
  • REQUIRED CERTIFICATION: CEH (Certified Ethical Hacking) Certification.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
cyber securitythreat huntingvulnerability managementincident responsesecurity log analysisroot cause analysisnetwork traffic analysisdata analysisanomaly detectionthreat intelligence
Soft skills
communicationcollaborationproblem-solvinganalytical thinkingattention to detaildocumentationreportingadaptabilitycritical thinkingteamwork
Certifications
CEH (Certified Ethical Hacking)