SOC Analyst L1 & L2
Fulltime
Dallas, Texas (hybrid)
IMMEDIATE new job openings for L1 & L2 SOC Analysts to join our client's Dallas-based team and work in a hybrid setting. This position is responsible for heavy log analysis: monitoring multiple feeds in a 24/7 environment to immediately detect, verify, and respond swiftly to cyber threats (e.g. vulnerability exploitation, malware, cyber-attacks); serving as a technical escalation resource and providing mentoring for Tier 1 Security Operations Center (SOC) analysts; working collaboratively with multiple teams and personnel; working with other SOC analysts as well as subject matter experts within the larger distributed Cyber defense team, including cyber threat hunters, threat intelligence analysts and forensic investigators; participating in and taking an active role in red-team/blue-team simulated attacks and tabletop exercises; and partnering with Security Design and Architecture Engineers to implement and improve technology and processes that enhance SOC monitoring, investigation, and response capabilities.
Responsibilities
•   Monitor multiple feeds in a 24/7 environment to detect and respond to cyber threats.
•   Serve as a technical escalation resource for Tier 1 SOC analysts.
•   Mentor Tier 1 SOC analysts.
•   Collaborate with multiple teams and personnel within the Cyber defense team.
•   Participate in red-team/blue-team simulated attacks and tabletop exercises.
•   Partner with Security Design and Architecture Engineers to enhance SOC capabilities.
Requirements
•   3-5 years of experience as a SOC Analyst
•   Experience building queries and extracting data from logs
•   MSSP industry experience
•   Log analytics experience
•   Security Blue Team Level 2 (BTL2) and/or SANS certifications
•   Experience with event analysis leveraging SIEM tools (e.g. Splunk, ArcSight)
•   Log parsing and analysis skills with experience developing correlation rules
•   Experience with NIDS/HIPS/EDR infrastructure & tools
•   Experience with signature development/management (e.g. Snort rules, Yara rules)
•   Experience with protocol analysis and tools (e.g. Wireshark, Gigastor, Netwitness)
•   Experience mentoring and training junior analysts
•   Working knowledge of current cyber threat landscape
•   Working knowledge of Firewall and Proxy technology
•   Knowledge of malware operation and indicators
•   Knowledge of Data Loss Prevention monitoring
•   Knowledge of forensic techniques
•   Knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP)
•   Knowledge of penetration techniques
•   Bachelor's Degree in Computer Science or Information Systems
•   Experience in an enterprise environment with tools like ArcSight, Sourcefire, TrendMicro DDI, Splunk, Hadoop
•   Experience in System or Network Administration, Penetration Testing, or Application Development
To view all of our open positions, please visit: http://www.alleareconsulting.com/job-openings.