(SOC) Security Operation Center Analyst

Description

About A&M

Alvarez & Marsal is a leading independent global professional services firm, specializing in providing turnaround management, performance improvement and corporate advisory services. With over 10,000 professionals based in 70+ locations across North America, Europe, Asia, and Latin America, our firm excels in problem solving and value creation. Drawing on a strong operational heritage and hands-on-approach, our professionals work closely with organizations and stakeholders to help tackle complex business issues and maximize value.

Security Operation Center Analyst

The Global Security Office (GSO) is actively seeking a Security Operation Center Analyst to join our team. The selected individual will play a crucial role, working closely with the SOC Manager as a key member of the GSO. This position, based in the United States, is essential for upholding the security and integrity of our day-to-day operations.

Responsibilities:

• Responsible for working in a global 24x7 Security Operation Center (SOC) environment which consists of an in-house and outsourced SOC.
• Perform real-time alert monitoring and service / respond to the ticket management queue.
• Provide Incident Response (IR) support when analysis confirms actionable incident from the outsourced SOC and/or internal systems.
• Provide analysis and trending of security log data from a large number of heterogeneous security devices across different layers.
• Provide threat and vulnerability analysis with recommendations
• Investigate, document, and report on information security issues and emerging trends.
• Analyze and respond to previously undisclosed software and hardware vulnerabilities.
• Integrate and share information with other analysts and teams.
• Participate in security projects collaborating with stakeholders as needed
• Able to participate on a weekend on-call rotation.
• Other tasks and responsibilities as assigned through ticketing system.
  
  
  

Core Qualifications:

• Bachelor's degree in a related field (Security, Forensics or Computer Science is preferred)
• At least 4 years of experience as a security analyst, incident handler/responder within security operations (SecOps or SOC)
• Excellent knowledge of security methodologies, processes (like Kill chain/diamond models, MITRE ATT&CK framework and SANS).
• Excellent knowledge of technical security solutions (firewalls, SIEM, NIDS/NIPS/HIDS/HIPS, AVs, DLP, CASB, proxies, network behavioral analytics, endpoint and cloud security).
• In depth knowledge of TCP/IP, UDP, DNS, FTP, SSH, SSL/TLS and HTTP Protocols, network analysis, and network/security applications.
• Good knowledge of information security frameworks and standards (like ISO 27001, NIST-CSF etc)
• Very good knowledge of common malware threats and attack methodologies.
• Professional Certifications: GCIA, GCIH, GCFE, GCFA, Security+, CCNA CyberOps, OSCP, GPEN, GWAPT, CEH, CISSP or other equivalent certifications are highly desirable.
  
  
  

Core Competencies:

• Ability to develop thorough documentation and operational playbooks in addition to suggest alert enhancements to improve detection capability.
• Communicate clearly and effectively (both written and verbal) by contributing significantly to the development and delivery of documents such as incident reports
• Manage change and demonstrate adaptability by embracing change and adjusting priorities or processes and approach as needs dictate.
• Work independently as a team representative in the allocated region as well as show excellent teamwork skills.
• Experienced in working with external vendors and third parties.
• Good understanding of system and network hardening practices.
  
  
  

Compensation Statement:

The salary range is $70,000 - $90,000 annually, dependent on several variables including but not limited to education, experience, skills, and geography. In addition, A&M offers a discretionary bonus program which is based on a number of factors, including individual and firm performance. Please ask your recruiter for details.

Full-time Positions and Part-time Positions Over 30 hours

Regular employees working 30 or more hours per week are also entitled to participate in Alvarez & Marsal Holdings’ fringe benefits consisting of healthcare plans, flexible spending and savings accounts, life, AD&D, and disability coverages at rates determined from time to time as well as a 401(k) retirement plan. Provided the eligibility requirements are met, employees will also receive a discretionary contribution to their 401(k) from Alvarez & Marsal. Additionally, employees are eligible for paid time off including vacation, personal days, seventy-two (72) hours of sick time (prorated for part time employees), ten federal holidays, one floating holiday, and parental leave. The amount of vacation and personal days available varies based on tenure and role type. Click here for more information regarding A&M’s benefits programs.

Diversity & Inclusion

A&M’s entrepreneurial culture celebrates independent thinkers and doers who can positively impact our clients and shape our industry. The collaborative environment and engaging work—guided by A&M’s core values of Integrity, Quality, Objectivity, Fun, Personal Reward, and Inclusive Diversity—are the main reasons our people love working at A&M. Inclusive Diversity means we embrace diversity, and we foster inclusiveness, encouraging everyone to bring their whole self to work each day. It runs through how we recruit, develop employees, conduct business, support clients, and partner with vendors. It is the A&M way.

Equal Opportunity Employer

It is Alvarez & Marsal’s practice to provide and promote equal opportunity in employment, compensation, and other terms and conditions of employment without discrimination because of race, color, creed, religion, national origin, ancestry, citizenship status, sex or gender, gender identity or gender expression (including transgender status), sexual orientation, marital status, military service and veteran status, physical or mental disability, family medical history, genetic information or other protected medical condition, political affiliation, or any other characteristic protected by and in accordance with applicable laws. Employees and Applicants can find A&M policy statements and additional information by region here.

Unsolicited Resumes from Third-Party Recruiters

Please note that as per A&M policy, we do not accept unsolicited resumes from third-party recruiters unless such recruiters are engaged to provide candidates for a specified opening and in alignment with our Inclusive Diversity values. Any employment agency, person or entity that submits an unsolicited resume does so with the understanding that A&M will have the right to hire that applicant at its discretion without any fee owed to the submitting employment agency, person or entity.