HAYWARD HAWK is seeking a skilled Level 2 Security Operations Center (SOC) Analyst to join our client's team.
The ideal candidate will possess a strong background in security incident detection, analysis, and response, with expertise in SIEM administration, threat hunting, malware analysis, and cloud security.
This role will involve proactive monitoring, analysis of security events, and incident response within a dynamic cybersecurity environment.
Key Responsibilities
Administer, configure, and optimize SIEM platforms such as AlienVault, IBM QRadar, ArcSight, or LogRhythm.
Conduct threat hunting activities to identify and mitigate potential security incidents.
Manage malware outbreaks and perform reverse engineering when necessary.
Act as an escalation point for complex network threat investigations.
Utilize Linux command line for security analysis and investigations.
Implement security controls and monitoring in public cloud environments (AWS, Azure).
Apply regular expressions and data normalization techniques for log analysis and correlation.
Configure, integrate, and monitor endpoint protection solutions (e.g., Cylance, Carbon Black, CrowdStrike).
Understand network protocols and work with web proxies, web application firewalls, and vulnerability assessment tools.
Collaborate in a team environment to address security incidents and provide analytical support.
Maintain positive communication and interactions with stakeholders.
Requirements
2+ years of experience in a tech environment.
Prior experience working in a SOC.
Proven experience in SIEM administration and threat detection.
Proficiency in malware reverse engineering and outbreak management.
Hands-on experience with endpoint protection solutions.
Familiarity with public cloud environments (AWS, Azure).
Strong understanding of network protocols and security tools.
Knowledge of Linux command line operations.
Experience in incident response and escalation procedures.
Ability to work collaboratively in a team-oriented environment.
Excellent problem-solving skills and analytical abilities.
Effective written and verbal communication skills.
Familiarity with service management software (e.g., ServiceNow).
Exposure to data visualization platforms (e.g., Domo).
Understanding of system hardening practices.
Flexibility to adapt to changing priorities and client needs.
Preferred Qualifications:
Previous experience in Tier I/II incident triage.
Background in client support and technical advisory roles.
Familiarity with network penetration testing tools.
Education and Certifications:
Bachelor's degree in Computer Science, Information Technology, or a related field.
Relevant industry certifications (e.g., CISSP, CEH, Security+) preferred.
For more information, please contact Alice Armstrong at Hayward Hawk.
Skills: EDR, Defender, Sentinel, CrowdStrike