Job Description:
Security Analyst

Indianapolis, IN

Minimum requirements:
5-8 years of previous Security Operations Center experience in conducting security investigations. Experience in investigating security events, identifying threats and resolving vulnerabilities in large and complex environments. Close attention to detail, excellent critical thinking, logic, and adaptive learning. Willing to work in a team-oriented 24/7 SOC environment.

Required to guide and mentor Level 1 and Level 2 Security Analysts, using the same skills to investigate and mitigate security threats and incidents.

In-depth analysis of alerts arising from Security Event and Information Management tools, ideally based on Dell SecureWork / LogRhythm SIEM.

The role requires applying analytical, reasoning and specialized technical expertise to investigate, isolate and rectify security incidents, identify root cause, and undertake escalation management and reporting activities.

Key Interfaces:
Customer Security teams / Infrastructure teams and / or Network teams, Service Managers, Head of Operations, SOC L1 L3 Analyst, Vendors.

This role requires the following operational skills:
Ability to provide relevant and timely information to customers based on analysis of events from a SIEM platform.
Customer-facing, with good report-writing skills and strong communication skills at all levels.
Ability to provide technical and service leadership to SOC L2 engineers. Be a thought leader in the SOC.
Ability to consistently deliver to deadlines while prioritizing competing demands for time, without sacrificing quality.
Professional and hard-working, with the ability to pay attention to detail.
Good understanding of ITIL processes, including Incident Management and Problem Management.
Willingness to share information, improve documentation, and train other engineers.
Able to meet demands for occasional out-of-hours working and on-call escalation.

Key Skills:
Knowledge or experience in any of the following areas:
1. Dell SecureWork SIEM
2. LogRhythm SIEM
3. Symantec AV/ATP
4. Cisco IPS/IDS
5. Cisco Umbrella

Security Industry certification such as CEH, GCIA, GCIH, GCFA, or GREM would be highly beneficial.