We are looking for a proactive Security Operations Analyst I to join our 24x7 Security Operations team at our Roseland, New Jersey Security Operations Center. This role is an excellent opportunity for someone who is passionate about Incident Response and Threat Intelligence. You will work alongside senior team members to assist in monitoring, detecting, and responding to security incidents in a fast-paced, dynamic environment.
Key Responsibilities:
- Be part of a 24/7/365 SOC that includes a rotating on-call schedule for overnights/weekends.
- Monitor security alerts and logs from SIEM, EDR, IDS/IPS, and other security tools to identify potential security incidents.
- Assist in the triage and investigation of security alerts, helping to determine the severity and impact of potential incidents.
- Escalate incidents to senior analysts when necessary and assist with containment, mitigation, and resolution efforts.
- Maintain and update incident response documentation and reports.
- Participate in post-incident reviews, contributing to lessons learned and process improvements.
- Support threat intelligence efforts by researching and analyzing emerging cyber threats, vulnerabilities, and attack vectors.
- Gather and analyze threat data from multiple sources (e.g., threat feeds, OSINT) to identify indicators of compromise (IOCs) and provide actionable intelligence.
- Stay current on the latest security trends, threats, and tools, contributing to the development of improved detection and response strategies.
- Provide support for security awareness initiatives to help educate staff on security best practices and phishing defense.
Required Skills and Qualifications:
- Basic understanding of information security concepts, including incident response, threat detection, and network security.
- Strong interest in threat intelligence and the ability to research and analyze cyber threats from various sources.
- Familiarity with operating systems (Windows, Linux, or macOS) and an understanding of basic system logs and commands.
- Exposure to security tools such as SIEM, EDR, or firewall systems is a plus.
- Strong problem-solving skills and a passion for learning about cybersecurity.
- Excellent written and verbal communication skills, with an ability to work well in a team environment.
- Scripting or coding knowledge (e.g., Python, Bash) is a plus but not required.
- Relevant certifications such as CompTIA Security+, CySA+, or similar are a plus but not required.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $85,000-$110,000. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience.