Senior SOC Analyst

Senior Security Operations Center Analyst

The Senior Security Operations Center Analyst conducts daily traffic analysis, performs in-depth system and network forensics, generates incident reports, and provides cyber defense trend analysis. The analyst also determines tactics, techniques, and procedures for intrusion sets, reconstructs malicious attacks from network traffic, proactively identifies threats, and coordinates with enterprise-wide cyber defense staff to validate alerts.

Responsibilities

• Conducts daily traffic analysis, identifies and characterizes anomalous activity.
• Performs in-depth system and network forensics to identify and eradicate threats.
• Generates incident reports and investigates suspicious network and system activity.
• Performs cyber defense trend analysis and reporting.
• Determines tactics, techniques, and procedures (TTPs) for intrusion sets.
• Reconstructs malicious attacks or activity based on network traffic.
• Proactively identifies threats to the enterprise and initiates distribution of enterprise-wide alerts.
• Coordinates with enterprise-wide cyber defense staff to validate network alerts.
• Provides timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities, distinguishing them from benign events.
• Monitors software patches and security fixes, tests, and validates modified systems.
• Performs security reviews and identifies security gaps in the security architecture, providing recommendations for risk mitigation.
• Recommends computing environment vulnerability corrections.
• Processes, documents, and coordinates resolution of cyber incidents with appropriate teams.
• Notifies designated managers, cyber incident responders, and cybersecurity service provider team members of suspected incidents, articulating the event’s history, status, and potential impact in accordance with the organization’s cyber incident response plan.
• Provides coverage for Central AZSOC swing shifts and weekend hours in North Phoenix.

Location & Working Hours

• Office located at I-17 and Greenway, North Phoenix.
• Position is 100% onsite.
• Shift patterns: Tuesday–Saturday 12pm–9pm (Saturday hours flexible) or Sunday–Thursday 12pm–9pm.
• Coverage for Central AZSOC swing shifts and weekend hours.

Eligibility

• Only US Citizens are eligible to be submitted for this role.

Qualifications

• Solid, end-to-end understanding of Information Technology systems, especially as they apply to security.
• Ability to triage security detections and alerts from any source (network, endpoint, audit logs, identity, etc.), perform incident response, and support incident management.
• Ability to work under pressure, prioritize issues, and maintain sufficient attention to ensure an appropriate response to cyber alerts and incidents.
• Professional engagement and customer service skills to positively support stakeholder institutions and partners statewide.
• Fast learner with the ability to work and solve problems creatively.
• Two years of experience in a security operations environment, or related work, with demonstrated interest in security operations.