Saks Cloud Services has an immediate opening for an Analyst, Cyber Security Operations (SOC). The candidate will be able to effectively analyze all relevant cyber security events from SIEM, EDR, email security tools and other information sources for suspicious network traffic, attack indicators, potential security breaches, and data loss prevention. In this role, you will be expected to know and understand, but not be limited to, day-to-day security operations, log analysis, real-time intrusion analysis, triage investigation and security monitoring utilizing a wide array of security controls and toolsets. In addition to operational responsibilities.
What you will do
- 5 or more years of related work experience, preferably in IT Security, Information Systems, or IT-related fields.
- Experience working in a 24x7 Security Operations Center or Managed Security Service Provider.
- Ability to work in a team environment and collaborate with outside stakeholders to resolve issues.
- Excellent communication, writing, and interpersonal skills.
- Broad cybersecurity knowledge, including familiarity with common attack methodologies, tactics and protocols, Advanced Persistent Threat groups, hacker activities, etc.
- Understanding of common application vulnerabilities, secure coding practices, and common attack vectors is essential. Knowledge of OWASP Top Ten vulnerabilities is crucial.
- Familiarity with security tools and technologies, such as SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), bot protection, web application firewalls (WAFs), and vulnerability scanners.
- Basic knowledge of programming languages (e.g., Python, JavaScript) to understand and assess code vulnerabilities.
- Experience in network intrusion detection, including experience using common network monitoring tools: IDS, IPS, SIEM and Syslog.
- Familiarity with threat intelligence services and sources of indicator-of-compromise feeds for SIEM use.
- Understanding of common network vulnerabilities and penetration testing tools, including but not limited to Metasploit, Qualys, Nessus, and Nmap.
- Knowledge of log analysis: correlating events and identifying indicators of threat activity via SIEM tools such as IBM QRadar or Sumo Logic.
- Knowledge of EDR tools and triage investigation: CrowdStrike, Carbon Black, FireEye.
- Knowledge of email security, phishing/malware email analysis, and Data Loss Prevention.
- Knowledge of IOC investigation, OSINT, and sandbox analysis.
- Knowledge of cloud environments and cloud security: AWS, Azure.
- Working knowledge of networking and infrastructure technologies, WAN/LAN concepts, firewalls, switches, and routers.
- Knowledge of the retail business is preferred.
- Keen attention to detail.
- SEC+, GIAC, CEH, CISA or CISM a plus.
As the Security Operations Analyst, You Will:
- Monitor for potential compromise, intrusion, significant events, or threats to the security posture of the company.
- Assess host and network threats such as computer viruses, exploits, and malicious attacks.
- Determine true threats versus false positives, and provide solutions to detected issues in a timely manner.
- Collect, analyze, escalate, respond to, and produce documentation of cyber security attacks.
- Develop, update, and maintain standard operating procedures and other technical documentation.
- Train and develop skills.
Your Life and Career at Saks Cloud Services
Thank you for your interest in Saks Cloud Services. We look forward to reviewing your application.