JOB REQUIREMENTS: Heartland Technology Group

Description:

Position Summary: A Security Operations Center (SOC) Analyst II provides real-time security monitoring and threat hunting in our Security Operations Center. This individual will have the opportunity to work with customers across many industries by providing managed security services such as XDR, SIEM, vulnerability scanning, firewall and endpoint management. In this position, you will provide exceptional customer service by assisting customers in identifying potential security incidents, attack sources, root causes and/or threat actors.

Roles and Responsibilities/Essential Functions:

Provides security event monitoring and analysis to identify critical security events at client sites.
Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
Coordinate with customer staff to validate security alerts.
Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
Perform event correlation using information gathered from a variety of sources to gain situational awareness and determine the effectiveness of an observed attack.
Receive and analyze network alerts from various sources and determine possible causes of such alerts.
Provides recommendations for system tuning and enhancements.
Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information.
Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).
Notify customer of suspected cyber incidents and articulate the event's history, status, and potential impact of further action.
Work with customers to resolve computer security incidents and vulnerability compliance.
Provide guidance and expertise to SOC Analyst I's and other team members.
Participate in an on-call rotation.
Commits changes to DevOps repositories and syncs global changes to client environments.
Serve as the primary person for onboarding new clients into the various services.
Writes new analytics rules, log parsers, and workbooks.
Performs proactive threat hunting.
Serves as a technical resource for the Sales team during the sales process by answering questions and/or performing demos of SOC services.

Requirements:

Competencies:

Accuracy - Strong attention to detail.
Active Listening - Ability to actively attend to, convey, and understand the comments and questions of others.
Adaptability - Ability to adapt to change in the workplace.
Assertiveness - Ability to act in a self-confident manner to facilitate completion of a work assignment or to defend a position or idea.
Coaching and Development - Ability to provide guidance and feedback to help others strengthen specific knowledge/skill areas.
Conflict Resolution - Ability to deal with others in an antagonistic situation.
Decision Making - Ability to make critical decisions while following company procedures.
Delegating Responsibility - Ability to allocate authority and/or task responsibility to appropriate people.
Honesty / Integrity - Ability to be truthful and be seen as credible in the workplace.
Innovative - Ability to look beyond the standard solutions.
Leadership - Ability to influence others to perform their jobs effectively and to be responsible for making decisions.
Problem Solving - Ability to find a solution for or to deal proactively with work-related problems.
Relationship Building - Ability to effectively build relationships with customers and co-workers.
Resource Management - Ability to obtain and appropriate the proper usage of equipment, facilities, materials, as well as personnel.
Time Management - Ability to utilize the available time to organize and complete work within given deadlines.

Required Experience:

Associate of Applied Science (AAS) or bachelor's degree or equivalent experience
1+ years working within a security operations center

Preferred Experience:

2+ years working in or with security products

Required Skills, Education and/or Certifications:

Experience with security tools

Preferred Skills, Education and/or Certifications:

Experience with SIEM software
Experience with Defender for Endpoint
Azure, AWS, GCP
DevOps

Equal Opportunity Employer - Including Disabled and Veterans

APPLICATION INSTRUCTIONS:

Apply Online: https://www.click2apply.net/zqGMRgcdOADNLSGJxizoeX