Role: Jr. Security Operations Analyst
Work Location: remote but strongly prefer someone in Houston
Number of Positions: 1
Position Type: 6-month contract with extensions likely
Company Description: Transportation
US CITIZENS AND GREEN CARD HOLDERS ARE ENCOURAGED TO APPLY. WE ARE UNABLE TO PROVIDE SPONSORSHIP AT THIS TIME.
NO THIRD-PARTY CANDIDATES WILL BE CONSIDERED – DIRECT W2 OR 1099 CONSULTANTS ONLY
HOUSTON BASED CANDIDATES STRONGLY PREFERRED
JOB SUMMARY
We are seeking a Junior SOC Analyst to be an integral member of our client’s Security Operations team. This is a US-based opportunity, is 100% remote, and includes but is not limited to the following areas of Security Operations support:
DUTIES & RESPONSIBILITIES:
· Provide initial triage of cyber security alerts, incidents, and potentially malicious emails, conducting in-depth analysis and communicating findings and recommendations in a clear, digestible manner for both technical and non-technical stakeholders.
· Support key stakeholders throughout the incident response process, providing detailed analysis from initial detection and root cause identification, to performing mitigation and containment response actions.
· Identify alert trends and collaborate with key stakeholders to enhance detection and response capabilities.
· Contribute to the development and continuous improvement of runbooks and workflow documentation.
· With a positive and professional approach, effectively engage and collaborate with Security Operations team members, other internal teams, and organizational leaders.
Required Skills and Experience:
· Bachelor’s degree in Cybersecurity or a related field, or equivalent experience in enterprise security operations or MSSP environments.
· Minimum of 2 years of experience responding to security-related alerts and incidents in an MSSP or large enterprise environment.
· Certifications such as Security+, CySA+, GCIA, or other relevant cybersecurity credentials preferred.
· Experience using enterprise SIEM, EDR, and Email Security platforms required. Experience with Rapid7 InsightIDR, IBM QRadar, CrowdStrike, Proofpoint, and M365 security controls is preferred.
· Solid understanding and experience performing security alert and incident analysis and response.
· Knowledge of threat actor tactics and attack life cycles.
· Technical writing and reporting skills.
· Experience in creating and updating runbooks and workflow documentation.
· Demonstrated communication and collaboration abilities, working effectively with both internal teams and external partners.
· Active participation in the cybersecurity community is preferred.