SOC Insider Threat Lead Analyst

• Perform monitoring, research, assessment and analysis on alerts from various security tools, including firewalls, antivirus systems, user behavior analytics tools, proxy devices and SIEM tools
• Recommend and review new use cases for insider threat monitoring
• Follow pre-defined actions to investigate security incidents or perform incident response actions, including escalating to other support groups
• Execute daily ad hoc tasks or lead projects as needed
• Participate in or lead daily and ad-hoc conference calls
• Create, update or provide process documentation, or provide requested evidence for compliance & controls requests

• 6+ years working in the security & operations fields
• Bachelor’s degree or higher (Computer Science or Cybersecurity preferred) or equivalent work experience
• Excellent knowledge of network security, TCP/IP, various operating systems (Windows/UNIX), and web technologies (focusing on Internet security)
• Ability to read and understand packet level data
• Experience with user behavior analytics, DLP, IDS/IPS, firewalls, and host security products (HIPS, AV, EDR, etc)
• Good communication skills with the ability to articulate clearly in high stress situations
• Work independently and are self-directed
• Detail oriented and perseverant individual
• Positive attitude with the drive to get the work done
• Self-starter with good problem solving skills, and you continuously look for ways to improve things
• Understand the importance of prioritization of your work
• Skills and proficiency with MS PowerPoint, Excel, Access or other analytical tools

Certifications from EC-Council, GIAC, or (ISC)² are preferred [CISSP, C|EH, GCIA, CCNA]