Company is a global supplier of wafer fabrication equipment and related services to the semiconductor industry. Its products are used primarily in front-end wafer processing, which involves the steps that create the active components of semiconductor devices and their wiring.
The Cyber Security Operations Center (CSOC) Analyst will be responsible for security monitoring, tuning, detection, and incident response to protect information, Information Technology (IT) and Operational Technology (OT) infrastructure.
• Provide security monitoring and incident response services supporting the mission to protect company and its customers’ information assets
• Identify and implement additional SIEM use cases
• Act as a point of escalation for tier 1 CSOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques
• Actively participate in researching trends and current countermeasures for cyber security vulnerabilities, exploits, and other malicious activity
• Act as a liaison between the CSOC and Incident Response Team
• Assist in creation and maintenance of documentation for CSOC procedure and processes
• Contribute to the development and improvement of security monitoring and incident response processes and solutions as required to support company's cyber security program
• Explore opportunities for SOC maturity improvement and automation capabilities
• Responsible for working in a 24x7 Cyber Security Operations Center environment
• Drive the outcomes of lessons learned to further the security posture of the business.
• Solid foundation in technical domains such as: Networking, firewalls, systems administration, application development, cloud computing and information security best practices
• Knowledge in the areas of endpoint security, cloud security, network security, threat hunting, threat analysis and Digital Forensics and Incident Response (DFIR), intrusion detection and intrusion prevention
• Security monitoring experience with one or more SIEM technologies such as Azure Sentinel, Splunk, QRadar, etc.
• Strong understanding of security incident management and response lifecycle.
• Familiar with Windows and Linux operating systems as well as OS security best practices.
• Strong verbal and written communication skills
• A self-motivated person that can use their creative and experience-driven investigation skills to solve problems and do analysis
Nice to Have:
• Experience with computer lab environments and operational technology (OT) preferred
• Hands on experience with Microsoft security technologies such as Microsoft Defender for Endpoint, Microsoft Cloud App Security and Azure Sentinel
• Experience with digital forensics, penetration testing, threat intelligence, malware analysis or reverse engineering
• Experience with Kusto Query Language (KQL)
• Experience with a scripting language (Python, Bash, PowerShell, etc.)
• Bachelor’s degree or Advanced Degree in Computer Science, Information Technology, Cybersecurity, or related discipline
• 5+ years of experience in Information Security role
• 2+ years of Security Operations Center Experience
• At least one of the following professional certifications required: Security+, CISSP, CISA, CISM, CEH, OSCP, GMON
• Certifications preferred but not required: CCNA, Linux+, Azure Administrator, Azure Security Engineer