Binary Defense Systems (BDS) has open positions for incident responders and network security monitoring analysts in a 24x7x365 Security Operations Center (SOC). Responsibilities will include, but not be limited to network security analysis, monitoring and incident response.
Security Analysts work with and learn from experienced security team leaders and use the latest technology to detect, analyze and limit intrusions and security events. Candidates must be willing to work in a 24x7x365 SOC environment, demonstrate intuitive problem-solving skills and allow for flexible scheduling.
The SOC Analyst will work collaboratively to detect and respond to information security incidents, maintain and follow procedures for security event alerting, and participate in security investigations. The SOC Analyst will perform tasks including monitoring, research, classification and analysis of security events that occur on the network or endpoint. The SOC Analyst should have familiarity with the principals of network and endpoint security, current threat and attack trends, and have a working knowledge of security principals such as defense in depth.
The SOC Analyst must be competent to work at a high technical level and be capable of identifying threats, and threat vectors that cause security events.
Knowledge, Responsibilities, and Core Competencies
- PERFORMS NETWORK SECURITY MONITORING AND INCIDENT RESPONSE.
- MAINTAINS RECORDS OF SECURITY MONITORING AND INCIDENT RESPONSE ACTIVITIES, UTILIZING CASE MANAGEMENT AND TICKETING TECHNOLOGIES.
- MONITORS AND ANALYZES INTRUSION DETECTION SYSTEMS (IDS) AND SECURITY INFORMATION AND EVENT MANAGEMENT (SIEM) TO IDENTIFY SECURITY ISSUES FOR REMEDIATION.
- CREATES, MODIFIES, AND UPDATES SECURITY INFORMATION EVENT MANAGEMENT (SIEM) RULES.
- RECOGNIZES POTENTIAL, SUCCESSFUL, AND UNSUCCESSFUL INTRUSION ATTEMPTS AND COMPROMISES THOROUGH REVIEWS AND ANALYSES OF RELEVANT EVENT DETAIL AND SUMMARY INFORMATION.
- EVALUATES/DECONSTRUCTS MALWARE (E.G. OBFUSCATED CODE) THROUGH OPEN-SOURCE AND VENDOR PROVIDED TOOLS.
- COMMUNICATES ALERTS TO CLIENTS REGARDING INTRUSIONS AND COMPROMISES TO THEIR NETWORK INFRASTRUCTURE, APPLICATIONS AND OPERATING SYSTEMS.
- PREPARES BRIEFINGS AND REPORTS OF ANALYSIS METHODOLOGY AND RESULTS.
- CREATES AND MAINTAINS STANDARD OPERATING PROCEDURES AND OTHER SIMILAR DOCUMENTATION.
- CONSOLIDATES AND CONDUCTS COMPREHENSIVE ANALYSIS OF THREAT DATA OBTAINED