Security Operations Center Specialist Level 2

Company: Modern Office Methods
Location: Cincinnati
Posted on: September 27, 2024

Job Description:

OVERVIEW & PURPOSE Obviam is national in scope, providing Cybersecurity Services for mid-sized to enterprise organizations including Commercial Business, Healthcare, Retail, Manufacturing, and Gov-Ed markets. We are seeking a highly skilled Security Operations Center Specialist, Level 2 with great client communication skills and an appetite to solve complex cybersecurity and information technology problems to join our IT Security Operations team. Job Summary: This is a fully remote role, supporting Eastern Standard Time (EST) for night shift hours 7pm to 7am EST. The ideal candidate will have a moderate background in Security Operations Centers (SOC) and incident response, with experience in using SOAR, SIEM, and security monitoring tools for detections and investigations. Excellent communication skills and the ability to collaborate effectively with cross-functional teams are essential. At Obviam, we believe a good analyst is the backbone of an effective security organization, using all available resources to identify security threats and vulnerabilities. As a candidate for this role, you will work as a member of a growing team, providing defense against cyber-attacks and playing a vital role in the monitoring, analysis and management of security events / incidents emanating from client networks and systems. As a part of Obviam's 24x7x365 security operations center, this position will leverage creativity, technical acumen, and an eye for detail to ensure our clients' networks, systems, and services are proactively managed. You thrive in working in a fast-paced, technologically forward-leaning environment and are not afraid to push the boundaries of security capabilities. Your responsibilities include fine-tuning detection mechanisms, refining playbooks, and conducting thorough forensic analysis to identify root causes and mitigate future risks. Additionally, you will contribute to continuous improvement initiatives by providing insights and recommendations based on your findings. This role requires willingness to work shifts (including unsociable hours and bank holidays where these fall into your shift pattern) as part of a 24x7 team.
ESSENTIAL FUNCTIONS

• Responsible for incident response work including reviewing events, identifying false positive vs. real threats, identifying host involvement, comparing scan results, review logs, and prioritizing incident/events. Helps to solve Tier I & II incidents and events, ability to escalate where needed.
• Moderate understanding of incident investigation, handling and responses to include incident documentation.
• Leverage threat hunting by tracking common and novel techniques, tactics, Indicators of Compromise (IOCs), and applying measures for detected threats.
• Utilize custom Indicators of Attack (IOAs) and XDR SOAR workflows for automated response and remediation.
• Perform incident detection, response & remediation, threat hunting, digital forensics, and configure alerting rules.
• Monitor and review advanced threat events, Security Incident and Event Management (SIEM), User Behavior and Analytics (UBA) and Endpoint Detection Response (EDR) toolsets and event logs to identify security indicator of compromise, attacks, and threats for remediation and / or suppression.
• Coordinate with other specialists, analysts, and stakeholders to promptly escalate and respond to security incidents.
• Generate and provide scheduled and as-needed reports and recommendations to team, management, and clients regarding monitored security status, incident response, network management, etc.
• Assist in training and mentoring junior specialists, sharing knowledge and best practices.
• Provide recommendations for security improvements, including hardening and content blocking.
• Audit and validate the deployment of security controls to meet standards, guidelines, and compliance requirements.
• Proven proficiency in self-management within a team.COMPETENCIES
• Experience with monitoring and initial incident triage processes.
• Experience with modern aiSIEM and event aggregation tools, such as CrowdStrike, Splunk, Arctic Wolf, AlienVault, or Seceon
• Experience with SOAR platforms and capabilities.
• Moderate analytical skills and the ability to work under pressure.
• Excellent communication and interpersonal skills to interact with team members, management, and external entities effectively.
• Familiarity of frameworks such as PCI, NIST, CIS, and CMMC, MITRE ATT&CK, and ISO 27001, which guide security practices and incident response.
• Willingness to work in shifts, including nights, weekends, and holidays, as SOC operations are 24x7x365.SUPERVISORY RESPONSIBILITY This person does not have any supervisory responsibility. WORK ENVIRONMENT The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, mfds, fax machines, software, and calculators. PHYSICAL DEMANDS
  
  The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to talk or hear. The employee frequently is required to stand and walk. The employee is occasionally required to sit; use hands to finger, handle, or feel; reach with hands and arms; and stoop, kneel, crouch, or crawl. The employee must occasionally lift and/or move up to 10 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception, and ability to adjust focus. POSITION TYPE & EXPECTED HOURS OF WORK NON-EXEMPT This is a full-time, hourly position with after-hours, 12-hour shifts. TRAVEL No travel is expected for this position. REQUIRED EDUCATION & EXPERIENCE

• Education: Associate's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Certifications: Must possess at least one of the following certifications: Security+ (SEC+), Certified SOC Analyst (CSA), or equivalent.OTHER DUTIES Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice. EQUAL OPPORTUNITY EMPLOYER Obviam provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
  
  
  
  PIe7f7ffeceaae-37248-35639368

Keywords: Modern Office Methods, Greenwood , Security Operations Center Specialist Level 2, Other , Cincinnati, Indiana