Security Operations Center Analyst
Falcon Smart IT (FalconSmartIT) - Alameda, CA
Job Title: SOC Analyst/Engineer (Security Analyst)
Location: Alameda, CA (Onsite)
Job Type: Contract

Job Description:

EXPERIENCE/KNOWLEDGE & SKILLS:
- CISSP, CISM, CEH, OSCP, GIAC or similar cybersecurity certification required.
- Experience with security tools such as SIEM, EDR, and IDS/IPS to ensure they are effectively detecting and alerting on potential threats.
- Extensive experience in Palo Alto Cortex XDR and a deep understanding and practical application of XQL queries is required.
- Extensive experience in a SOC environment, with a strong background in threat detection, incident response, and threat hunting.
- Experience with threat intelligence platforms and with integrating threat intelligence feeds into security tools to enrich threat detection.
- Experience in proactive threat hunting to identify and neutralize emerging threats.
- Experience or working knowledge of cloud, network, and application security.
- Experience in Biotech/Pharma is a plus.

Knowledge/Skills/Abilities:
- Proficiency with SOC tools and technologies such as SIEM (Splunk), EDR (Cortex), and IDS/IPS (e.g., Snort, Suricata).
- Strong scripting skills (e.g., Python, PowerShell) to automate tasks, enhance detection capabilities, and develop automation through a SOAR platform.
- Ability to configure and fine-tune security tools to maximize their effectiveness by integrating various log sources and data feeds to enhance visibility and detection.
- Knowledge of machine learning and behavioral analytics to identify anomalies and potential threats.
- Ability to develop and refine correlation rules within the SIEM to detect complex attack patterns, leveraging the MITRE ATT&CK framework.
- Strong analytical skills to correlate events and make informed decisions based on data.
- Excellent communication skills.
- Resourceful and proactive in finding innovative solutions to challenges.
- A mindset focused on continuous learning and improvement.
- Outstanding judgment and problem-solving skills, including negotiation and conflict resolution.

ESSENTIAL DUTIES AND RESPONSIBILITIES:
- Oversee the end-to-end threat management process, from initial detection and analysis to containment, eradication, and recovery.
- Regularly assess the effectiveness of detection mechanisms and make necessary adjustments to improve accuracy and coverage.
- Create and refine correlation rules within the XDR platform (Cortex XDR) to identify complex attack patterns and reduce false positives.
- Incorporate threat intelligence feeds into the team's detection capabilities to stay updated on the latest threats and attack techniques.
- Utilize machine learning and behavioral analytics to identify anomalies and potential threats.
- Regularly review and fine-tune the configurations of current security tools such as SIEM, EDR, and IDS/IPS.
- Work with various log sources and data feeds to enhance the visibility and detection capabilities of the team.
- Co-create and maintain playbooks to standardize and automate threat response procedures.
- Stay current with the latest threat landscape and emerging trends in cybersecurity.
- Contribute to the overall information security strategy.

Seniority level: Mid-Senior level
Employment type: Contract
Job function: Information Technology
Industries: IT Services and IT Consulting and Information Services
Created: 2025-03-01