Senior Internal SOC Analyst leading security triage and investigations for Darktrace, utilizing AI - driven cybersecurity technology. Collaborating on incident response and mentorship within a hybrid work environment.
About the role
- CSOC Analyst identifying cybersecurity issues and analyzing network traffic for mitigation strategies. Joining a team at Nightwing to enhance resilience and security operations for mission support.
Responsibilities
- Identification of Cybersecurity problems which may require mitigating controls
- Analyze network traffic to identify exploit or intrusion related attempts
- Recommend detection mechanisms for exploit and or intrusion related attempts
- Provide subject matter expertise on network based attacks, network traffic analysis, and intrusion methodologies
- Escalate items which require further investigation to other members of the Threat Management team
- Execute operational processes in support of response efforts to identified security incidents
- Participates in a team of Security operations engineers investigating alerts, anomalies, errors, intrusions, malware, etc. to identify the responsible, determine remediation, and recommend security improvements
- Follows precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, etc
- Follows strict guidance on reporting requirements
- Keeps management informed with precise, unvarnished information about security posture and events
- Promotes standards-based workflow both internally and in coordinating with US-CERT
- Engages with other internal and external parties to get and share information to improve processes and security posture
- Supervises and guide team efforts
- Communicates to CISO leadership
- Produces design documentation
- Leads analyzing/investigating reports or anomalies
Requirements
- Must be eligible to obtain a sensitive clearance – Position of Public Trust – and may be required to obtain a higher security clearance
- Must have 2+ years of relevant work experience
- Must have experience in: Endpoint Detection and analysis, Sysmon log analysis, IT security, Network traffic analysis
- Strong working knowledge of: Boolean Logic, TCP/IP Fundamentals, Network Level Exploits, Threat Management
- Knowledge of Control Frameworks and Risk Management techniques
- Excellent oral and written communication skills
- Excellent interpersonal and organizational skills
- Strong understanding of IDS/IPS technologies, trends, vendors, processes and methodologies
- Strong understanding of common IDS/IPS architectures and implementations
- Strong understanding of IDS/IPS signatures, content creation and signature characteristics including both signature and anomaly-based analysis and detection
- Desired Skills: Splunk experience, developing queries, data models, and dashboards; Cloud monitoring experience is a plus; Excellent writing skills
Benefits
- Nightwing is An Equal Opportunity/Affirmative Action Employer.
- All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Security Operations Intern responsible for security monitoring at Paddy Power Betfair. Involves data loss prevention investigations and content filtering analysis with a commitment to improving security posture.
SOC Analyst L2 responsible for managing and analyzing security incidents in digital transformation. Contributing directly to the protection of companies and infrastructures.
SOC Analyst L3 managing and analyzing security events and incidents for Var Group. Responsible for incident management and proactive threat analysis.
Senior Manager leading global IT security operations to protect company data and assets at Keenova. Overseeing incident response, monitoring, and cybersecurity capabilities with strategic oversight.
Security Operations Center leader at Woven by Toyota, managing triage and response to security alerts in Japan. Collaborating with global SOCs to ensure 24/7 operations.
GSOC Analyst responsible for security operations at Paramount Studios. Developing workflows, incident response, and risk monitoring in a dynamic team environment.
Senior Cybersecurity Analyst enhancing detection and response capabilities at Insulet, focusing on threat detection and incident response.
Supervisor for Global Security Operations Center at Enbridge. Leading a dedicated 24/7 team to monitor and protect global facilities and assets.
Security Operations Analyst at Orion Health focusing on monitoring and maintaining security tools while collaborating with teams. Engaging with real - world threats and enhancing operational security processes.