Security Operations Center Analyst
RKON
Summary
Join RKON, an award-winning IT services company, as a Cyber Security Analyst on our client-facing Security Operations Center (SOC) team. You will play a key role in identifying, analyzing, and remediating potential threats to our clients' environments. This position requires a motivated individual with strong security industry knowledge and experience in vulnerability management and security information event management. You will collaborate with clients and internal teams to ensure the confidentiality, integrity, and availability of client information assets. The role involves performing security monitoring, incident response, and threat hunting activities. RKON offers a dynamic work environment that encourages collaboration and professional development.
Requirements
Technical and Professional Expertise
- Desire to work in a SOC, Vulnerability Management, Security Information Event Management, Threat Hunt, or Threat Intel team on a long-term basis
- Critical thinking and problem-solving skills
- Passion for information security
- Strong business acumen including written and verbal communication skills
- Strong interpersonal and organizational skills
- Experience with Vulnerability Management technologies
- Experience with Security Information Event Management technologies
- Practical experience with TCP/IP networking
- Working knowledge of Routing and Access Control Devices
- Experience with Linux, Windows, iOS, and Network Operating Systems
- Experience with Endpoint and Network Detection Response technologies
- Experience with Cloud Security configuration best practices
- Experience deploying and managing Windows Defender for Endpoint, CrowdStrike, SentinelOne, or other industry-leading Endpoint Protection Platforms
- Industry-related certifications: Security+, C|EH, GSEC, etc.
Responsibilities
- Assist in establishing a mature and optimized Security Operations Center discipline to support managed security services focused on client-facing vulnerability and security information event management engagements
- Identify and remediate infrastructure and application vulnerabilities identified in continuous scanning exercises and assist with risk prioritization
- Analyze and respond to security threats from Firewall (FW), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Antivirus (AV), Endpoint Detection and Response (EDR), Network Detection and Response (NDR), Email Security, Cloud Security, and other security threat data sources
- Respond to clients in a timely manner (within documented SLA) with thorough and concise analysis and recommended actions
- Document actions in cases to effectively communicate information to internal and external stakeholders as well as for historical retrieval
- Adhere to RKON company and client policies, procedures, and security practices
- Resolve problems independently and understand escalation procedures
- Conduct scanning and monitoring activities to provide in-depth visibility into potential known and unknown vulnerabilities and threats that may pose risk to the RKON and client environments
- Participate in security incidents and act as the technical Subject Matter Expert during significant security incidents
- Utilize analytics to identify potential vulnerabilities and threats to the environment
- Detect, respond, mitigate, and report on cyber threats/incidents that may impact the environment
- Collaborate with RKON and client technical leads and Subject Matter Experts including Engineering, Operations, Service Desk, Applications, and client key stakeholders on matters related to security scanning and monitoring across a global footprint
- Collaborate and serve as liaison to key security vendor solution partners
- Conduct operations surrounding cyber security incident response technologies including network logging and forensics, security information and event management tools, security analytics platforms, log search technologies, and host-based forensics as applicable
- Act as an internal information security consultant to the business and technology units, advising on risks, threats, and control practices related to SOC - Assurance and Response
- Assist in development and knowledge sharing within the team
- Assist in security console tuning
- Perform threat hunts that target known vulnerabilities, threats, and other attack vectors