About the Role
We are seeking a highly skilled Security Operations Analyst II specializing in Incident Response to join our 24x7 security team in our Roseland, New Jersey Security Operations Center. In this role, you will lead critical incident response efforts, perform forensic investigations, and contribute to the improvement of our detection and response capabilities. The ideal candidate will have extensive experience in security operations, with a deep understanding of forensics in Linux, macOS, and Kubernetes environments.
Key Responsibilities:
- Be part of a 24/7/365 SOC that includes a rotating on-call schedule for overnights and weekends.
- Lead and manage security incidents, including detection, analysis, containment, and remediation, ensuring rapid response to potential threats across Linux, macOS, and Kubernetes environments.
- Perform forensics and root cause analysis on compromised systems, with a focus on Linux and macOS.
- Utilize SIEM, EDR, and other security tools to detect, investigate, and respond to suspicious activity in real time.
- Conduct post-incident reviews, providing insights and recommendations for improving security defenses.
- Work closely with the threat intelligence team to identify emerging threats and ensure the incident response team is prepared to defend against them.
- Mentor and guide junior security analysts, helping to foster a culture of continuous improvement and knowledge sharing.
- Stay up-to-date with industry best practices, threat landscape trends, and relevant technologies to continually improve the organization’s incident response capabilities.
Required Skills and Qualifications:
- 5+ years of experience in forensics, incident response, or security operations.
- Extensive experience with Linux and macOS systems, including deep knowledge of system internals, logging, and forensic artifacts.
- Proven ability to perform digital forensics on compromised systems, including data recovery, analysis of malware, and network traffic analysis.
- Experience with Kubernetes and familiarity with securing containerized environments.
- Familiarity with modern security tools and platforms such as SIEM, EDR, IDS/IPS, and firewalls.
- Strong understanding of network protocols, firewalls, VPNs, proxies, and other security technologies.
- Strong analytical skills, with the ability to handle and interpret large amounts of data and translate them into actionable insights.
- Excellent communication and collaboration skills, with the ability to work effectively in high-pressure situations.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $115,000-$135,000. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience.