Systems Consultant - Security Operations Center Analyst Ii (Intermediate)
CurrentAs a SOC II Analyst, I investigate alarms, and correlated incidents, generated by the SIEM tools and communicate suspected True Positive and suspicious activity to our clients. When it is applicable, I make recommendations for remediation steps to identified incidents. I act as a point-of-contact for shadowing efforts for internal employees that are interested in pursuing a career in the SOC. I also participate in, and lead, SOC training efforts for incoming new hires that join the team.While performing day-to-day job related tasks, I identify areas for continuous process improvement and report my recommendations to management for consideration. When critical, zero-day vulnerabilities are identified, I will run threat hunting queries, using KQL, against client workspaces to confirm if specific trends or activities have been seen within their environments. When applicable, I perform remediation steps on internal company devices using functionality built into Microsoft Defender.I provide in-depth analysis of monthly incidents for client environments and report the findings to the client’s stake holders in a monthly scorecard reporting session. Additionally, I prepare monthly reports for clients which details on-going security trends and activity within their environments.