SOC Analyst – Intermediate

• Provide service to IT client community, patients, families and visitors, while protecting the integrity and confidentiality of all data and information through physical and electronic measures
• Monitor and investigate security alerts to detect malicious activity that originate from the SIEM, NGFW, EDR, NGAV, etc
• Follow incident specific playbooks and procedures documented by SOC leadership while investigating and responding to malicious activity
• Maintain accurate notes in the case management system
• Proactively identify and remediate threats occurring in the environment by demonstrating the ability to hunt in SIEM and EDR solutions
• Provide on-call support at designated times in accordance with the policies and procedures of the Health System
• Collaborate with the team and answer any questions that other analysts may have
• Assist in the training of new team members
• Assist in investigating alerts escalated by associate level staff members
• Work independently to investigate security incidents and alerts

• Typically has a 4-year academic degree and 2+ years of information security or equivalent practical work experience
• Demonstrates and applies thorough understanding of information technology tools, best practices, and concepts
• Completes on-going training on-the-job, through courses, self-study, certifications and/or advanced degrees to maintain and enhance technical and business capabilities
• Maintains current knowledge of security techniques and technologies and applies that knowledge to mitigate risk
• Participates in an On-Call Team rotation
• Previous experience with some of the following security technologies: Security information and event management (SIEM), Endpoint Detection and Response (EDR), Anti-Virus, IDS/IPS, and NGFW solutions
• Knowledge of tactics attackers are using while continuing to monitor for new tactics and procedures being utilized

CompTIA Network+ and Security+ certifications are preferred