About the Company:
Founded in 2008, Ebryx is a cybersecurity services and solutions company headquartered in Greater Boston, with offices around the globe. Our research and development services power some of the world’s leading cybersecurity products and our managed security services, consulting services and Zero Trust solutions protect organizations ranging from Fortune 500 companies to leading tech startups.
Ebryx is seeking L1 SOC Analysts to join its SOC team in Salem, New Hampshire. This position is not suitable for people looking to work primarily from home, but limited telecommuting is accepted. Please email your resume to careers@ebryx.com, mentioning the position in the Subject.
Job Description:
As an L2 SOC Analyst, you will be part of our Security Operations Center (SOC) team. You will be responsible for analyzing and investigating security events arising typically because of escalations through L1 SOC from disparate data sources such as EDR, NDR, WAF and CSPM solutions using security monitoring tools such as SIEMs.
Responsibilities:
- Perform in-depth analysis of security alerts escalated by L1 SOC analysts
- Perform root cause analysis and containment/remediation activities.
- Provide detailed documentation for threats or alerts and recommend preventive measures
- Effectively integrate threat intelligence into security monitoring tools
- Perform threat hunting to look for potential threats in light of threat intelligence
- Escalate security incidents to the Incident Response team and initiate IR workflows
- Manage and optimize security tools like SIEM, SOAR, EDR, etc.
- Write and tune detection rulesets as well as correlation rules
- Mentor and monitor L1 analysts and help optimize the L1 function
- Participate in the security on-call roster
- Manage SOC Roster as per client & team requirements
- Integrate log sources with monitoring platforms e.g. SIEM/SOAR
- Create dashboards and visualizations for log sources and alerts analytics
- Create and continuously tune investigation and response playbooks, automations & workflows
- Automate Security Mechanisms to optimize routine detection & response elements
- Visualize attacker trends for enhanced understanding of security posture
- Work closely with Level 1 & Level 3 SOC Analysts for escalations and continuous improvement of the service
- Engage with clients to help resolve security alerts and incidents
- Work in Morning/Evening/Night shifts
- Continuous capacity building to stay on top of current cyber threats
Experience:
1+ years of experience in SOC/CERT/CSIRT as an L2 SOC Analyst or 3+ years as an L1 SOC Analyst
Education:
A degree or appropriate certification in Computer Science, Computer Engineering, Information Security, Cyber Security, Software Engineering, or equivalent.