Threat Monitoring SOC Analyst

Verizon Communications Irving , TX 75061

Posted 2 weeks ago

What you'll be doing...

The Threat Monitoring team is considered the front line of defense for Verizon's networks and computing environment, and the Threat Monitoring Analyst is a crucial role in that defense. Monitoring and analysis of potential and active threats targeting Verizon defines this role. Analysts must be agile, willing to learn, and able to think outside of the box in order to operate effectively in an ever-changing threat landscape. This mid-career position provides an opportunity to work in a fast-paced, collaborative environment defending Verizon from current and future cyber threats.

Responsibilities for the Midlevel Threat Monitoring Analyst of the Verizon Threat Management Center (TMC) Threat Monitoring Team:

  • Monitors and analyzes logs and alerts from a variety of different technologies across multiple platforms in order to identify and mitigate security incidents affecting the Verizon enterprise. This includes analysis of logs from:

      • IDS/IPS

      • Firewall

      • Proxies

      • Anti-virus and end-point protection

      • Servers and workstations

      • Other security technologies and devices

  • Assess the security impact of security alerts and traffic anomalies in order to build a broad view of the overall risk profile of the enterprise

  • Leverage understanding of Operating Systems (Windows, Unix/Linux, and OSX) to support identification of security incidents and maintain a proper overview of the risk profile

  • Executes analysis of email based threats to include understanding of email communications, platforms, headers, transactions, and identification of malicious tactics, techniques, and procedures

  • Utilize and adhere to defined workflow and processes driving the Threat Monitoring and escalation/handoff actions

  • Analyze potential cyber threats from a variety of intakes, taking appropriate response actions, including threat containment and/or escalation

  • Processes tactical mitigations based on results of analysis and determination of threat validity

  • Follow escalation and handoff procedures to team members and leadership based on defined threat and priority determination

  • Utilize a variety of security tools and technologies to analyze potential threats to determine impact, scope, and recovery

  • Leverage network security tools and capabilities to support Cyber Threat Monitoring activities

  • Documents results of cyber threat analysis effectively and prepares comprehensive handoff and/or escalation for the Incident Response or other teams within the TMC

  • Provides recommendations to enhance and advance the defensive capabilities of the Threat Management Center (TMC) and its subsequent ability to defend the Verizon Enterprise

  • Recommends prioritization changes

  • Executes automated malware analysis to determine initial threat impact and takes actions appropriately

  • Write technical articles for knowledge sharing

  • Follow-up and follow through with commitments, exhibiting initiative

  • Expected to work relatively independently after appropriate training

  • Mentor and provide guidance to junior team members

What we're looking for...

You'll need to have:

  • Associate's degree or two or more years of work experience.

  • Three or more years of relevant work experience.

Even better if you have:

  • B.S. preferred or equivalent work experience

  • Three or more years of relevant work experience (at least one in a Security Operations Center (SOC)/Threat Monitoring environment)

  • Previous experience working in a Security Operations Center (SOC) with focus on Computer Network Defense (CND)

  • Previous experience working with SIEM technologies (e.g. Splunk)

  • Knowledge of Threat Monitoring Procedures

  • Solid understanding of threats, attacks, logs, operating systems and security technology (firewalls, anti-malware, proxies, etc.)

  • Previous Information Assurance or Cyber Experience in the Telecommunications industry

  • Deep knowledge and understanding of cyber risks and threats related to cyber attackers

  • Knowledge of Enterprise Anti-Virus, IDS, Full Packet Capture and Host/Network Threat Analysis

  • Understanding of Networking (including the OSI Model, TCP/IP, DNS, HTTP, and SMTP), System Administration, and Security Architecture

  • Fundamentals of Mobile Platforms: Windows Phone, iOS, Android

  • Programming, scripting and experience with Regex

  • Strong communication and presentation skills along with the ability to work in a highly collaborative environment

  • Strong relationship skills and collaborative style to enable success across multiple partners.

When you join Verizon...

You'll be doing work that matters alongside other talented people, transforming the way people, businesses and things connect with each other. Beyond powering America's fastest and most reliable network, we're leading the way in broadband, cloud and security solutions, Internet of Things, and innovating in areas such as video entertainment. Of course, we will offer you great pay and benefits, but we're about more than that. Verizon is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Verizon.

Equal Employment Opportunity

We're proud to be an equal opportunity employer and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. Different makes us better.
