SOC Level 3 – Security Advisor
Location – Onsite at Hamilton Hills, MI
Sample Responsibilities
- Lead complex investigations and conduct deep analysis of security events focused on rapid containment, remediation, and mitigation.
- Lead in the detection, triage, analysis and response to cyber-attacks. Serve as a technical Cyber SME and onsite task lead.
- Provide insight and expertise to examine malicious code (malware), attack vectors, network communication methods, analyze threats against target systems and networks, determine target network capabilities and vulnerabilities.
- Training and mentoring Level 1 & Level 2 peers to improve SOC Analyst capability.
- Engaging across the organization and partnership with a diverse set of IT and business stakeholders, awareness of business needs for delivery and agility and to ensure security topics (operations, engineering, risk, compliance) are integrated and automated properly.
- Working with Cybersecurity, Information Technology Services teams, and others across the global business organization on practical implementation of SOAR and SOC Runbooks and Playbooks
- Identifying, monitoring, and reporting on trackable metrics to improve processes, procedures, and overall operational security while minimizing business impact
- Perform Security Operations maturity assessments, formulate roadmaps to bridge existing security gaps and help accelerate transformation towards SOC maturity.
- Reviewing SOC Runbooks and Playbooks and determining if good practices are being followed, considering most common cybersecurity threats within clients’ industries, business and Geo locations.
- Reviewing SOAR and XDR products utilized and determining if they are configured properly.
- Deploying SOC automation technology through SOAR, Case Management.
Reviewing Security Operations Runbooks and Playbooks through assessing SOC threat landscape; existing automations and providing recommendations to comply with SOC automation best practices, using applicable cybersecurity framework.