Under general direction and supervision, the SOC Analyst will be responsible for all Tier 1 and lower-level Tier 2 tasks in the Security Operations Center (SOC). These tasks can range across proactive, reactive, and support services performed in collaboration with the Cybersecurity team. The primary task will be to monitor activity and respond properly to malicious activity based on playbooks and the Incident Response Plan. Other duties may involve a range of activities as needed, such as threat hunting, testing playbooks, and assisting with various cybersecurity activities.
Investigate triaged events and incidents using SIEM technologies, Endpoint Detection and Response platforms, and various cybersecurity tools.
Analyze, escalate, and assist in remediation of critical information security incidents.
Support the Incident Response Plan through Tier 1 support of activities following the PICERL model: Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned.
Assists in enforcing and auditing information security policies and procedures such as access, breach escalation, use of firewalls and encryption routines.
Assists in updating, maintaining, and documenting security controls. Provides direction and support to clients and internal IT groups for information security-related issues.
Performs administration duties for varied server technologies, enterprise systems and peripheral devices, network and security devices, and all desktop computer systems and peripherals released to market within the last five years.
Assists in performing high-level analysis of complex and disparate computing systems, networks, and data architectures to identify, rectify, and prevent technical and information security vulnerabilities.
Performs work on critical automated processes, computer systems, networks, databases, information systems, telecommunication systems, and computer policies, procedures, and practices.
Demonstrates high-level technical skills in the areas of information security, networking, and computer systems, and an excellent capacity for grasping relevant details and analyzing complex systems.
Performs other related duties as assigned by the supervisor.
Minimum Education and Experience
Education Level: Bachelor’s degree from an accredited institution
Field of Study: No specific discipline.
Years of Experience: 3+ based on combination of experience and education. See below.
Area of Experience: Relevant IT experience in administering security measures to monitor and protect sensitive data and systems from infiltration and cyber attacks.
Alternate Minimum Education and Experience (If available)
High School Diploma - 11 years’ experience required
Associate’s Degree - 7 years’ experience required
Bachelor’s Degree - 3 years’ experience required
Minimum Skills and Abilities
Applicant must have a four-year bachelor’s degree, preferably in an IT or related field and three or more years of relevant IT experience in administering security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks.
If an applicant does not have a college degree, the following substitutions will be acceptable: a High School diploma and 11 or more years of the relevant IT experience described above, or an Associate’s Degree and 7 or more years of that relevant experience.
General technical skills, including TCP/IP knowledge, SIEM, networking and security product experience, and ticket-management systems.
Strong analytical and problem-solving skills; works well in a team environment; willingness to acquire in-depth knowledge of network and host security technologies and products and to continuously improve these skills.
Knowledge of intermediate troubleshooting, client relations, and cybersecurity principles. Ability to implement a plan to address and mitigate security vulnerabilities. Ability to recognize, analyze, and solve a variety of problems. Ability to communicate technical concepts to a non-technical audience.
No certification required; however, Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), GIAC (SANS), or (ISC)² certifications are preferred.
Basic experience with the following operating systems is recommended but not required: Linux distributions (Ubuntu, Kali Linux, Debian), iOS (current versions), Android OS (current versions), and macOS (current versions).
AUBURN UNIVERSITY IS AN AFFIRMATIVE ACTION/EQUAL OPPORTUNITY EMPLOYER. It is our policy to provide equal employment opportunities for all individuals without regard to race, sex, religion, color, national origin, age, disability, protected veteran status, genetic information, sexual orientation, gender identity, or any other classification protected by applicable law.