Senior SOC Analyst

Duration & Type: 6 months Contract with a major pharmaceutical industry client Location: Candidate can work remotely from any location in the US Description: The SOC is an advanced global team responsible for the detection and response to the most sophisticated cyber threats and attacks. The Senior SOC Analyst will leverage a variety of tools and resources to proactively detect, investigate, and mitigate emerging and persistent threats impacting Company’s networks, systems, and applications. Responsibilities: • Forensics and Incident response: • Serve as escalation point for conducting investigations into security incidents involving advanced and sophisticated threat actors and TTPs • Perform forensic collection and analysis of electronic assets, devices, and log sources • Manage incident response activities including scoping, communication, reporting, and long term remediation planning • Threat Hunting: • Identify, collect, and analyze threat intelligence from internal and external sources and teams • Develop hypotheses, analyze techniques, and execute hunts to identify threats across the environment • Interface with security teams and business stakeholders to implement countermeasures and improve defenses • Big Data analysis and reporting: • Utilizing SIEM/Big data to identify abnormal activity and extract meaningful insights. • Research, develop, and enhance content within SIEM and other tools • Technologies and Automation: • Interface with engineering teams to design, test, and implement playbooks, orchestration workflows and automations • Research and test new technologies and platforms; develop recommendations and improvement plans • Day to day: • Perform host based analysis, artifact analysis, network packet analysis, and malware analysis in support of security investigations and incident response • Coordinate investigation, containment, and other response activities with business stakeholders and groups • Provide mentoring of junior staff and serve as point of escalation for higher severity incidents • Develop incident analysis and findings reports for management, including gap identification and recommendations for improvement • Recommend or develop new detection logic and tune existing sensors / security controls • Work with security solutions owners to assess existing security solutions array ability to detect / mitigate the abovementioned TTPs • Creating custom SIEM queries and dashboards to support the monitoring and detection of advanced TTPs against company network. Required: • Education: Bachelor’s degree in Computer Science or a related field Relevant Technical Security Certifications. • Experience required: 6+ years of experience in Incident Response / Computer Forensics / SOC team / Threat Hunting or related fields • Host and network based forensic collection and analysis • Dynamic malware analysis, reverse engineering, and/or scripting abilities • Proficient with Encase, Responder, X-Ways, Volatility, FTK, Axiom, Splunk, Wireshark, and other forensic tools • Understanding of Advanced Persistent Threat (APT) and associated tactics. • Research, enrichment, and searching of indicators of compromise • Very strong team and interpersonal skills along with the ability to work independently and achieve individual goals. • Coordinate with other team members to achieve the specified objectives. • Effective oral and written communication skills. For consideration, please send resume to [email protected]