Job Title: Incident Analyst Tier 2 (SOC)
Location: Berkeley Heights, NJ or Marietta, GA
Duration: 8 months - Contract to Hire
Benefits: Medical, Vision, Dental after 2 months; 401k after 6 months
As a member of Cyber Security Incident Response Team (CSIRT), the Incident Analyst will coordinate the preliminary response activities for cyber security incidents across the Global company environment. The successful candidate will focus on preliminary identification and analysis of potential cyber security incidents. The successful candidate will perform triage functions such as email review, log analysis, analysis of network traffic and endpoint systems, enrich data, and will be responsible for escalating and assigning the incidents to level two incident handlers. The candidate will join a team of incident analysts and incident handlers and will have an opportunity to participate in a number of global cyber security initiatives.
Candidates should have a basic understanding of incident response processes, network investigative techniques, and cyber security trends and issues along with SIEM and SOAR technologies and uses. This position requires that the candidate be a US Citizen. The candidate should be able to travel domestically in support of the investigative mission. This position requires the ability to work a shift schedule and support coverage efforts on a 24x7x365 basis which includes work on holidays, nights, & weekends.
1. Candidate must be available for a fixed 24/7/365 shift of 8am-3pm EST.
2. Candidate must be vaccinated, willing to submit proof of vaccination and willing to return to
work a minimum of 3 days per week.
The responsibilities include:
• Understand CSIRT functions and participates in the triage of cyber security events.
• Receive and analyze alerts from various sources within the enterprise and determine possible causes of such alerts.
• Triage logs from various security controls, including, but not limited to, firewall, proxy, host intrusion prevention systems, endpoint security, application, and system logs, to identifypossible threats to network security.
• Enrich security event data to streamline the incident response process using SIEM and other correlation technologies.
• Perform incident triage, documentation, and escalation of appropriate incidents to cyber security incident handlers.
• Maintain proper documentation and creation of reports.
- 5 Years experience incident response
- Understanding of CSIRT (Computer Security Incident Response Team)
- Board Background in Security
- Experience with log analysis
- Titanium Splunk
- Good Communication Skills
- CISSP is a really nice to have
- Bachelor’s degree in a technology field preferred
- Industry certifications such as GCIH, GREM, GCFA, GCFE, CISSP, CEH, CISA, Security + are desirable.
- Experience work as part of a SOC or CSIRT team is desirable.
- Scripting and programming skills are desirable.
Matlen Silver is an Equal Opportunity Employer and considers all applicants for all positions without regard to race, color, religion, gender, national origin, age, sexual orientation, veteran status, the presence of a non-job-related medical condition or disability, or any other legally protected status.