Security Operations Center (SOC) Analyst

Tripadvisor LLC, Needham, MA 02492

Posted 4 months ago

TripAdvisor's next-generation SOC features a dedicated Threat Hunting team designed to proactively detect advanced threats that evade traditional security solutions. Threat hunting uses both manual and machine-assisted capabilities and aims to find the Tactics, Techniques and Procedures (TTPs) of advanced adversaries. The candidate must have a curious, investigative mind, an interest in information security, and the ability to communicate complex ideas to varied audiences. The Threat Hunter will be a key member of the SOC team, responsible for participating in threat-actor-based investigations, internal red team activities, creating new detection methodology, and providing expert support to the incident response and monitoring functions. The focus of the Threat Hunter will be to use data analysis, threat intelligence, open source intelligence, and cutting-edge security technologies to develop and execute hunting processes (manual and automated) that identify threats to TripAdvisor and provide a quick response to real threats.

Role:

  • The Security Operations Center (SOC) Security Analyst serves on a SOC team and is responsible for conducting information security investigations arising from security incidents identified by the Level-1 security analysts who monitor the security consoles for the various SOC entry channels (SIEM, Tickets, Email and Phone). You will analyze Information Security Events received from Managed Security Service (MSS) Partners, Internal Tools, and Stakeholders; determine whether each is a true or false positive; and execute the appropriate response procedures.

  • Utilize intelligence to identify risk as well as execute best practices to mitigate or remediate those risks.

  • The SOC Security Analyst is expected to have a solid understanding of information security and computer systems concepts, encryption protocols, and networking protocols.

  • Develop tools and techniques to act as a red team member within our organization.

  • Provide guidance and oversight on incident resolution and containment techniques.

Job Description:

  • Conduct information security investigations arising from security incidents identified by the Level-1 security analysts who monitor the security consoles for the various SOC entry channels (SIEM, Tickets, Email and Phone). Act as the point of escalation for Level-1 SOC security analysts in support of information security investigations, providing guidance and oversight on incident resolution and containment techniques.

  • Act as the lead coordinator for individual information security incidents.

  • Execute red team activities to identify risks not found by existing security tools.

  • Define, create and maintain SIEM correlation rules, customer build documents, and security processes and procedures. Follow ITIL practices for incident, problem and change management.

  • Automate manual processes to improve the efficiency and accuracy of investigations.

  • Stay up to date with emerging security threats, including applicable regulatory security requirements.

  • Mentor security analysts on risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, procedures) in support of the technologies managed by the Security Operations Center.

  • Document incidents from initial detection through final resolution.

  • Participate in security incident management and vulnerability management processes.

  • Lead internal-threat and unintended-threat hunting and deception activities.

  • Coordinate with IT teams on escalations, tracking, performance issues, and outages.

  • Work as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats.

  • Communicate effectively with customers, teammates, and management.

  • Provide recommendations for tuning and optimizing security systems, SOC security processes, procedures and policies.

Required skills:

  • Bachelor's Degree / Diploma or equivalent experience in a relevant area of study, with a preference for Information Security, Computer Science or Computer Engineering.

  • Excellent written and verbal English skills. Information security professional certifications such as CISSP, CISM, CISA, GSEC or CEH are preferred.

  • 3-5 years of previous Security Operations Center experience conducting security investigations.

  • Able to turn manual processes into automated scripts using Python, Java, or similar languages.

  • Security monitoring experience with one or more SIEM technologies: ELK, IBM QRadar, LogRhythm, Splunk.

  • Demonstrated skills in digital investigations, including computer forensics, network forensics, malware analysis and memory analysis.

  • Ability to analyze data, such as logs or packet captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents.

  • Proficient with AWS security best practices and log collection.

  • Strong understanding of networking protocols and basic networking concepts.

  • Self-starter who works independently and adjusts to changing priorities; critical and strategic thinker; negotiator and consensus builder.

  • Strong knowledge of IT, including multiple operating systems (Windows, Linux, Mac) and system administration skills.

  • Strong understanding of security incident management, malware management and vulnerability management processes.
