- Monitor SOC mailbox, IT ticketing system, hotline, threat intelligence feeds, endpoint/data loss prevention consoles, and other security tools for alerts
- Collect forensic artifacts on suspicious workstations and analyze with Forensic Analysis tools
- Identify and propose areas for operational improvement within the SOC
- Coordinate internal incident response activities
- Provide feedback on security control capability gaps based on security intrusion trends
- Develop and maintain analytical procedures to improve security incident identification efficiency
- Triage and validate alerts, and if warranted, escalate to Level 3 analysts or Team Lead
- Support incident response activities, as needed
- Adhere to approved SOC documentation, processes, and procedures
- Assist in developing, coordinating, and implementing SOC documentation
- Provide input to SOC operation metrics and reports
- Provide input to SOC shift change reports to maintain continuity of operations
- Minimum of 3 years of professional experience in operating, managing, designing, implementing, maintaining, or supporting cybersecurity technology
- Minimum of 3 years of professional experience in SOC operations and/or incident response
- Understanding of technologies and solutions utilized in cybersecurity and networks (SIEM, SOAR, firewalls, IAM, IDS/IPS, endpoint protection, threat management/intelligence)
- Strong understanding of intrusion detection concepts and information security defense
- Knowledge of current hacking techniques, vulnerability disclosures, data breach incidents, and security analysis techniques
- Experience in SOC documentation development
- Incident response analysis skills, such as with SURGE Collect
- Forensic artifact examination with Volatility
- Proven experience with multiple security event detection platforms
- Thorough understanding of TCP/IP
- Understanding of basic IDS/IPS rules used to identify and/or prevent malicious activity
- Full professional proficiency in English, both in technical writing and verbal communication
- Demonstrated integrity in a professional environment
- Completed technical higher education in the field of computer science or related field
- Possession of certificates or education related to cybersecurity, information technology, or engineering
- Possession of cybersecurity certifications such as CISSP, GCIH, GMON, or GSOC
- Skills development in the cybersecurity domain
- Executive communication skills
- Opportunities for professional development at EY
- Certifications via external and internal training
- Conference attendance
Security Operations Center Junior Analyst - San Miguel de Allende, México - EY
Description
Level 2 (L2) SOC Analyst
Job Summary:
The role will monitor cybersecurity consoles, dashboards, and/or feeds and perform alert triage and analysis, initial incident scoping and documentation, ticket escalation, and attack disruption under pre-defined/approved conditions.
Key Responsibilities:
Knowledge, Skills and Experience Requirements:
Soft Skills:
What working at EY offers: