Global Security Operations Center (GSOC) Senior Cyber Security Analyst
Cyber Security Posted: 28-Jun-2022
Alexandria, Virginia, United States
Arlington, Virginia, United States
Atlanta, Georgia, United States
Austin, Texas, United States
Birmingham, United Kingdom, United Kingdom
Boca Raton, Florida, United States
Buffalo, New York, United States
Charlotte, North Carolina, United States
Cincinnati, Ohio, United States
Cleveland, Ohio, United States
Columbus, Ohio, United States
Dallas, Texas, United States
Davenport, Iowa, United States
Dayton, Ohio, United States
Des Moines, Iowa, United States
Detroit, Michigan, United States
Harrisburg, Pennsylvania, United States
Hermitage, Tennessee, United States
Houston, Texas, United States
Indianapolis, Indiana, United States
Jacksonville, Florida, United States
Kansas City, Missouri, United States
Louisville, Kentucky, United States
McLean, Virginia, United States
Miami, Florida, United States
Milwaukee, Wisconsin, United States
Nashville, Tennessee, United States
Orlando, Florida, United States
Phoenix, Arizona, United States
Pittsburgh, Pennsylvania, United States
Portland, Oregon, United States
Raleigh, North Carolina, United States
Rochester, New York, United States
Rosslyn, Virginia, United States
Salt Lake City, Utah, United States
San Antonio, Texas, United States
St. Louis, Missouri, United States
Tampa, Florida, United States
Tulsa, Oklahoma, United States
Washington DC, Virginia, United States
Work you'll do
- Serve as a primary escalation point for other GSOC analysts during the course of advanced incident investigation
- Provide guidance on response action plans for events and incidents based on a wide range of incidents
- Provide intermediate-level event analysis, incident detection, and escalate to leads as appropriate
- Perform advanced analysis of the results of a wide range of threat detection and incident response platforms
- Ensure that all identified events are promptly validated and thoroughly investigated
- Collaborate with the Deloitte Cyber Threat Intelligence team and leverage Open-Source Intelligence (OSINT) to identify and search for new malicious Indicators of Compromise (IOCs)
- Provide oversight and guidance to junior Analysts to monitor, detect, analyze, remediate, and report on cybersecurity events and incidents
- Identify training needs for the junior analysts
- Oversee documentation owned by the GSOC team including, but not limited to, Standard Operating Procedures (SOPs) and Operational Level Agreements (OLAs)
- Create and document new Standard Operating Procedures (SOPs)
- Coordinate with the Security Tool specialists to implement new or enhanced threat detection logic, signatures, and/or IOCs
The team
Qualifications
- Minimum of 2 years of combined experience in the Information Security / Cybersecurity domain with a focus on security event monitoring
- Experience with SIEM solutions, analyzing events and content creation
- In-depth, hands-on experience with at least two of the following technologies: Unix administration, Windows Server administration, Active Directory, Windows Workstation, Routers/Switches management, Firewall Management, SAN/NAS, Web servers, IAM/AAA, IDS/HDS, System vulnerability scanning tools, Application/Database vulnerability scanning tools, mobile device analysis or Secure coding
- Experience analyzing possible attack activities such as network probing/scanning, DDoS, malicious code activity and possible abnormal activities, such as worms, Trojans, viruses, etc. and coordinating remediation actions as necessary
- Willingness to work within a follow-the-sun model (no overnight shifts) to provide coverage of Deloitte networks
- Understanding of network devices such as routers and switches; TCP/IP knowledge
- Understanding of common network services (web, mail, FTP, etc.), network vulnerabilities, and network attack patterns
- Experience working with IDS/IPS, network- and host-based firewalls, data leakage protection (DLP), and database activity monitoring (DAM)
- Experience with EDR tools, operation, and analysis of events
- Proven track record of leadership skills and qualities
- Experience working with ticketing systems
- Intermediate knowledge in system security architecture and security solutions
- Excellent written and verbal, interpersonal and collaborative skills
(Bonus points if you have)
- Bachelor’s degree in computer science, information technology, mathematics, engineering, or another technical discipline preferred
- Security+
- Network+
- CySA+
- CCNA
- Splunk Certified User
What Deloitte can do for you
- Invest in your career growth by providing you with formal and informal development programs
- Empower you to take the lead on key projects that may enhance your leadership and team building skills
- Provide you with on-the-job training and cross-training opportunities
- Give you the opportunity to foster your coaching and mentoring capabilities
- Help you identify and hone your unique strengths
- Connect you with technical & security leads within Deloitte who can become part of your career growth
- Help you embrace leadership opportunities at every step of your career
- 100% Remote
- Competitive pay scale
- Empowered well-being
- Paid time off and collective disconnect holidays
- Competitive medical, dental and vision plans
- Paid parental leave
- Physical and mental wellness programs
- Pension plans and 401(k) for retirement