Provectus is a global technology consulting firm and AWS Premier Partner, that designs and builds solutions for industry-specific use cases, leveraging expertise in data, machine learning, and cloud technologies while fostering a collaborative and inclusive culture.We are seeking a dedicated and proactive Security Operations Center (SOC) Analyst to join our dynamic SOC team.Role Overview: You will work collaboratively to detect and respond to information security incidents, maintain and follow p
Provectus is a global technology consulting firm and AWS Premier Partner, that designs and builds solutions for industry-specific use cases, leveraging expertise in data, machine learning, and cloud technologies while fostering a collaborative and inclusive culture.We are seeking a dedicated and proactive Security Operations Center (SOC) Analyst to join our dynamic SOC team.Role Overview: You will work collaboratively to detect and respond to information security incidents, maintain and follow procedures for security event alerting, and participate in security investigations across client infrastructures. You will perform tasks including monitoring, research, classification, and analysis of security events that occur within our client environments. Level 1 SOC Analysts are the front-line defenses, working closely with Level 2 and Security Engineers, escalating cases as necessary for Incident Response.Requirements:Minimum of 2 years of experience in the Information Security fieldStrong understanding of systems security, security testing, and software securityUnderstanding of cybersecurity principles and general knowledge of cybersecurity technologies, as well as industry-recognized certificationsUnderstanding possible attack activities such as network probing/ scanning, DDOS, malicious code activity, etcGeneral knowledge of the capabilities and/or configuration of cybersecurity controls, specifically those relating to firewalls, access control, authentication, anti-virus/anti-malware, patching, and loggingUnderstanding of fundamental networking protocols such as TCP/IP, DNS, HTTP, DHCP, SSH, etcExperience with *nix platformsFamiliar with scripting languages (Bash, Python, Ruby, Perl, Powershell)Have basic knowledge of cloud security principles and technologies (e.g., AWS, GCP, Azure)Strong analytical and investigative skillsGood written and oral communication skillsTeam player, able to function independently with minimal supervision and as part of a teamAt least an Intermediate level of EnglishResponsibilities:Continuously monitor security information and event management (SIEM) systems for suspicious activities and potential security threats. Responding to alerts within defined SLAsConduct initial triage of security alerts to assess the nature and severity of potential threats, determining if an alert is a false positive or requires further investigationAccurately document incidents and actions taken in the incident management system, maintaining detailed records for further analysis and reportingPerform basic analysis of security events, including reviewing logs, network traffic, and endpoint activity, to identify potential security incidentsCommunicate and escalate incidents to Tier 2 analysts or the SOC Manager as necessary, providing clear and concise information about the nature of the incidentAssist in updating threat intelligence feeds and maintaining up-to-date knowledge of the current threat landscape, including emerging threats and vulnerabilitiesEnsure compliance with organizational policies, procedures, and regulatory requirements related to cybersecurity
Show moreShow less
Position level
Assistant
Type of employment
Full-time
Job responsibilities
Finance and Consulting
Industries
Financial services and Hospitals and health care