Tier 1 SOC Analyst (24x7x365)

Binary Defense is seeking talented Tier 1 SOC Analysts to work as part of our 24x7x365 Security Operations Center team. Our SOC is 100% Remote. You will be provided with equipment to work remotely and will receive training on our clients, processes, and technologies.

PLEASE NOTE: This is a 4+ month contract with possibility of becoming a permanent, full-time, salary position with full benefits.

Responsibilities:

• Actively monitor and investigate security alerts to detect malicious activity at our clients during your shift in our 24x7x365 SOC.
• Perform Cyber Kill Chain and MITRE ATT&CK analysis on incoming security alerts.
• Follow documented procedures to properly triage and respond to identified malicious activity, such as escalation or remediation actions.
• Provide our clients with clear/concise written investigations within the Binary Defense service management system.
• Communicate and collaborate with Binary Defense clients through the lifecycle of all escalated security investigations.
• Contribute to general security operations across all clients in the Binary Defense portfolio, whether through escalations, regular meetings, etc.
• Participate in internal meetings, such as shift turn over, team meetings, etc. to collaborate with your fellow team members and perform knowledge transfer.
• Perform regular training to stay sharp on the latest technologies, methodologies, etc. (Binary Defense will sponsor this training).
• Stay up-to-date on the latest vulnerabilities, threats, and attacks around the world.
• Be a team player and interface regularly with your shift mates and colleagues.

Requirements:

• Bachelor’s Degree in Cyber Security or equivalent work experience.
• Familiarity with the principals of network and endpoint security, current threats, vulnerabilities, and attack trends. Additionally, analysts should have a working knowledge of security principals and frameworks such as Cyber Kill Chain, MITRE ATT&CK, etc.
• SOC Analysts must be competent to work at a high technical level and be capable of identifying threats and attack vectors.
• One or more Cybersecurity certifications.
• Excellent written and oral communication skills
• Previous work or classroom experience with Security Information Event Management (SIEM) platforms, such as:
• AlienVault USM Anywhere [or] Appliance, Splunk, IBM QRadar, Microsoft Sentinel, etc.
• Previous work or classroom experience with Endpoint Protection platforms, such as:
• CrowdStrike, Carbon Black, SentinelOne, Cybereason, etc.
• Willingness to learn and continually improve skills.