Sr CSOC Analyst
| Company | T-Mobile |
|---|---|
| Location | Frisco, TX, USA, Bellevue, WA, USA, Overland Park, KS, USA |
| Salary | $94000 – $169600 |
| Type | Full-Time |
| Degrees | |
| Experience Level | Senior |
Requirements
- 2-4 years of experience working in a large enterprise
- 2-4 years of experience as a SOC or Incident Response investigator or equivalent work experience
- Conversant with cyber security intrusion analysis concepts and techniques
- Understanding of security incident investigation and log analysis
- Experience investigating security incidents, threats and vulnerabilities
- Demonstrable knowledge of networking (TCP/IP, topology, OSI model and network forensics), operating systems (Windows/MacOS/Linux), and web technologies (web applications, database security, web servers)
- Knowledge of federal & compliance regulations e.g. SOX, PCI & CPNI
- Knowledge of Scripting tools (Python/Perl/Shell/HTML/PHP)
- Ability to read and understand system data, including, but not limited to, security event logs, system logs, and firewall logs
- High degree of attention to detail
- Presentation skills to large and small audiences
- Strong verbal and written communication skills
Responsibilities
- Monitor incoming event queues for potential security incidents per operational procedures
- Perform triage, analysis, and response of security alerts to resolve and initiate appropriate courses of action, with critical issues as defined by established procedures
- Collect and organize alert, event and triage data to produce reports to provide feedback to existing content, inform new content, and measure relevant KPIs
- Provide support for and collaboration with higher-tier support teams to investigate advanced incidents
- Assist in the development of new security operations processes as well as the refinement or improvement of existing processes
- Monitor CSOC ticket (or email) queue for potential event reporting from outside entities and individual users
- Maintain CSOC shift logs with relevant activity from current shift
- Document investigation case notes, ensuring relevant details are passed to CIRT for advanced incident analysis
- Update or reference CSOC knowledge management repository as necessary for changes to CSOC processes and procedures and ingest CSOC daily intelligence reports and previous shift pass downs
- Conduct security research and intelligence gathering on emerging threats and exploits
Preferred Qualifications
- Experience supporting Cyber Security Operations in a large enterprise environment
- Experience with SIEM & Log Management solutions
- Experience with cloud security, telecom security, data protection
- Experience with enterprise systems or network administration
- CCNA Security, GCIA, GCIH or other related security certifications