Job content

We are the leading provider of professional services to the middle market globally. Our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and to our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM.
In order to address the most critical needs of our clients, RSM US LLP established the Security and Privacy Services group, comprised of more than 170 professionals dedicated exclusively to serving the cybersecurity needs of our clients. This group includes experienced consultants located throughout the United States and Canada who help clients prevent, detect, respond to and recover from security threats that may affect their critical systems and data. We serve a diverse client base across a variety of industries, and we are relied upon to provide expertise across the full suite of security and privacy capabilities, including managing the daily activities associated with our clients’ security operations.

We are seeking individuals with both broad and deep managed security services experience and skills to join our team and help run the ongoing security operations for RSM clients in a variety of industries and geographic locations. Successful candidates will have solid working knowledge of software integrations and APIs, hands-on SIEM experience, familiarity with automation and orchestration (SOAR) software and trends, and the practical knowledge needed to pull the whole software suite together.
At RSM, security L3 analysts work with large and small companies in a variety of industries. They develop strong working relationships with their peers within the security operations center (SOC) while learning their clients’ businesses and the challenges facing their organizations. Security engineers work as part of a broader team supporting multiple clients. Working in a mutually respectful team environment helps our security teams perform at their best and integrate their career with their personal life. RSM’s security L3 analysts are responsible for advanced investigations, assisting clients with incident investigations, and assisting security engineers with maintaining SIEM rules, SIEM decoders (log parsers), SIEM dashboards, reports, and software integrations. You will have the opportunity to:
  • Use security operations center (SOC) monitoring tools (SIEM, IDS, DLP) to review and analyze pre-defined events indicative of incidents
  • Understand, identify and research indicators of compromise (IOCs)
  • Upload packet captures and evaluate source/destination activity and payloads
  • Assist in recommending detection content for incidents, including IOCs for blocking and detection
  • Participate in threat-actor-based investigations, create new detection methodologies, and provide expert support to the incident response and monitoring functions
  • Lead response and investigation efforts into advanced/targeted attacks
  • Hunt for and identify threat actor groups and their techniques, tools and processes
  • Provide expert analytic and investigative support for large-scale and complex security incidents
  • Perform root cause analysis of security incidents to drive enhancement and continuous improvement
  • Provide forensic analysis of network packet captures; DNS, proxy, NetFlow, malware, host-based security and application logs; and logs from various types of security sensors
  • Work closely with security analysts to improve detection and alerting mechanisms
  • Develop and document policies and procedures
  • Write integrations between multiple software suites
  • Work in cross-functional teams
  • Gain experience maintaining multi-tenant environments
  • Assist in maintaining code repositories
Basic qualifications for a senior associate-level position include:
  • Minimum B.A. or B.S. degree or equivalent from an accredited university by the time employment commences, or prior relevant military/law enforcement experience
  • Degree in computer science, information technology, information systems management, or a similar field, preferably with a focus on information security
  • Previous SIEM experience
  • Previous SOC experience
  • Working knowledge of at least one programming language
  • A naturally curious mindset and approach
  • Knowledge of operating systems including Linux/Unix and Windows
  • Security information and event management (SIEM) tools such as StellarCyber, LogRhythm, Devo, the ELK stack, etc.
  • Working knowledge of security architectures and devices, and of threat intelligence consumption and management
  • Ability to convert intelligence into actionable mitigation and technical control recommendations and SIEM detection rules
  • Knowledge of the logic on which security alerts are built, and the ability to apply it when analyzing raw logs and creating new dashboards and alerts
  • Time management and multitasking skills with a high level of attention to detail
  • Knowledge of common cloud platforms – Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform, Oracle Cloud Infrastructure
  • Containers (Kubernetes, Docker) and container security leading practices
Beneficial, but not required, qualifications for a senior associate-level position include:
  • Experience with information security compliance and audit frameworks and requirements, e.g. PCI DSS, FISMA, FedRAMP, SOC, SOX, GDPR and data privacy
  • Security orchestration, automation and response (SOAR) tools such as Shuffle SOAR, Demisto (now Cortex XSOAR), Phantom (now Splunk SOAR), etc.
  • Knowledge of and proficiency with common AWS services and their security-relevant features (VPC, RDS, IAM, WAF, IDS/IPS, S3, SQS, SNS, CloudWatch, CloudTrail, Inspector, Config, etc.)
  • Vulnerability management tools such as Tenable, Qualys, Rapid7, etc.
  • Threat intelligence tools such as Silobreaker, Recorded Future and MISP
  • Endpoint detection and response (EDR)/HIDS tools such as SentinelOne, Microsoft Defender for Endpoint, Carbon Black, CrowdStrike, etc.
  • Microsoft Office 365 logging
  • Cloud access security brokers (CASB) such as Netskope, Zscaler, Microsoft (Defender for Cloud Apps), Forcepoint
  • C# experience
  • Python experience
You want your next step to be the right one. You’ve worked hard to get where you are today. And now you’re ready to use your unique skills, talents and personality to achieve great things. RSM is a place where you are valued as an individual, mentored as a future leader, and recognized for your accomplishments and potential. Working directly with clients, key decision makers and business owners across various industries and geographies, you’ll move quickly along the learning curve and our clients will benefit from your fresh perspective.

Experience RSM. Experience the power of being understood.

Deadline: 02-07-2024
