For twenty years Anexinet, based in Blue Bell, PA, has specialized in helping businesses transform in the digital world. We empower our clients to grow their customer base and improve workforce efficiency by envisioning, developing, delivering and operating next-generation technology solutions. Our core expertise is in digital applications, analytics, managed operations and hybrid IT, enabling businesses to transform rapidly. Clients partner with Anexinet to support the full lifecycle of their next-generation digital business.
We are looking to add several Security Operations Center (SOC) Analysts to our Managed Operations team. Initially, work can be performed remotely; however, qualified candidates should eventually be able to work out of our SOC in Blue Bell, PA from time to time.
Job Qualifications:
· This position requires 1-3 years of Security Operations Center (SOC) experience or equivalent schooling with a focus in Cybersecurity/Information Assurance.
· The following certifications are strongly desired:
· GIAC Certified Incident Handler (GCIH) or GIAC Certified Intrusion Analyst (GCIA)
· or other GIAC security certifications, including GSEC, GPPA, GMON and GCED
· Cisco CCNA Cyber Ops, CompTIA Network+, Security+, and/or Linux+
· Fundamental understanding of the TCP/IP layers, sufficient to distinguish normal from abnormal traffic
· Basic working knowledge of Wireshark, tshark, tcpdump or similar packet and information security analysis tools
· Some on-call and after-hours work may be required
· Must be a US Citizen
Position Responsibilities:
· Provide first and second level technical resolution for security alerts and SOC service requests.
· Use open-source traffic analysis tools to identify signs of an intrusion.
· Maintain records of security monitoring and incident response activities using case management and ticketing tools.
· Monitor and analyze Security Information and Event Management (SIEM) alerts to identify security issues for remediation.
· Create and tune SIEM detection rules.
· Analyze network traffic and logs, prioritize alerts, and differentiate between potential intrusion attempts and false alarms.
· Keep current with the threat landscape, and identify vulnerabilities and risk while supporting real-time security monitoring operations.
· Proactively monitor client infrastructure for potential flaws pertaining to the services provided, and make recommendations to reduce the risk and impact of similar future problems.
· Manage and escalate issues to the customer's technical support, service and infrastructure teams, and drive them to satisfactory resolution.
· Demonstrate problem-solving skills that contribute to the resolution of any issues that arise.
· Document solutions, processes, and procedures, and present them in writing, verbally on the phone, or in person.
Ideal Candidates will have:
· Associate's degree or certification in Computer Science, Cybersecurity, Communications, Psychology, or another tech-related discipline.
· 24x7 SOC experience and/or experience working with or for an MSSP.
· Programming/shell scripting experience highly desirable (Perl, Python, Java, shell scripts, PowerShell, etc.).
· Deep packet and log analysis; cyber threat intelligence gathering and analysis.
· Prior computer forensics and malware analysis experience strongly desired.
· Prior experience in a system or network administrator role.
· Knowledge of Windows, Linux and Cisco operating systems and of information security.
· Knowledge of Intrusion Detection Systems (IDS) and SIEM technologies preferred, e.g. SumoLogic, Snort, McAfee ePO, Carbon Black, Splunk, endpoint antivirus (Symantec, McAfee, SentinelOne, AMP), firewalls, and open-source security tools.
· Strong analytical and problem-solving skills; good organization, decision-making, and verbal and written communication skills.
· Ability to work with little direct supervision and to think outside the box when the need arises.
· Industry-adopted security certifications such as, but not limited to: Offensive Security Certified Professional (OSCP), EC-Council ECIH or CEH, Cisco CCNA/CCNP Security, any of the GIAC security certifications (including GSEC, GCIH, GCIA, GPPA, GMON and GCED), or Microsoft MCSE.