Security Operations Center (SOC) Analyst at Britam

Job Purpose:

• To Monitor and analyze security incidents, identify and mitigate threats, and ensure the security of Britam's information systems. 
  We are seeking a highly skilled and motivated SOC Analyst to join our dynamic Security Operations Center (SOC) team. 
• The ideal candidate will have a strong background in cybersecurity, with expertise in threat intelligence, threat detection, incident response, and security operations. In addition to technical proficiency, the candidate should possess excellent communication skills and the ability to mentor junior SOC analysts.
• Experience with automation tools and artificial intelligence (AI) is highly desirable. 

Key Responsibilities:

• Monitor and analyze security alerts and incidents generated by various security tools and technologies, including SIEM, IDS/IPS, endpoint detection and response (EDR), and network traffic analysis tools. 
• Investigate security incidents, including analyzing logs, network traffic, and endpoint data to identify indicators of compromise (IOCs) and determine the scope and impact of the incident.
• Conduct in-depth analysis of security events and incidents to identify root causes, indicators of compromise (IOCs), and attack vectors. 
• Develop and maintain SOC playbooks, procedures, and workflows to streamline incident response processes and improve efficiency.
• Mentor and train junior SOC analysts on security best practices, incident response procedures, and technical skills. 
• Collaborate with cross-functional teams, including IT, network operations, and application development, to address security vulnerabilities and improve overall security posture. 
• Evaluate and implement security technologies, tools, and solutions to enhance SOC capabilities and effectiveness. 
• Leverage automation tools and AI-driven analytics to optimize threat detection, response, and remediation processes. 
• Participate in security awareness training programs for employees and guide cybersecurity best practices. 
• Develop and participate in tabletop exercises, incident response drills, and simulations to test and improve incident response procedures and preparedness.
• Stay current with emerging threats, vulnerabilities, and security technologies through continuous learning and professional development.
• Gather and analyze threat intelligence to identify emerging threats and vulnerabilities, monitor external sources for threat indicators and assess there relevance to organizational security and develop and maintain threat intelligence reports.
• Collaborate with IT and other departments to ensure security best practices are followed.
• Delegated Authority:  As per the approved Delegated Authority Matrix.

Key Performance Measures:

• As described in your Personal Score Card.

Knowledge, experience, and qualifications required:

• Bachelor’s degree in computer science, Information Security, or a related field. 
• Certifications (e.g., GIAC, CEH, PNPT, CompTIA Security+) is a plus. 
• Minimum of 3-4 years of experience in cybersecurity, with at least 2 years of experience in a SOC role. 
• Strong understanding of cybersecurity principles, threat intelligence, and attack methodologies. 
• Experience with security technologies such as SIEM, IDS/IPS, EDR, firewalls, and endpoint security solutions.
• Proficiency in scripting and automation using languages such as Python, PowerShell, or Bash. 
• Familiarity with artificial intelligence (AI) and machine learning (ML) concepts and their application to cybersecurity. 
• Excellent analytical skills with the ability to analyze and interpret complex security data sets. 
• Effective communication skills with the ability to convey technical concepts to both technical and non-technical audiences. 
• Strong leadership and mentoring abilities with a desire to help develop junior talent within the SOC team. 
• Knowledge of regulatory requirements and compliance frameworks relevant to the financial services industry (e.g., PCI DSS, GLBA.)
• Ability to analyze and interpret security logs and data.
• Understanding of network protocols and security technologies.
• Strong problem-solving and analytical skills.