Security Operations Center (SOC) Incident Responder
If you like to build and grow, be part of the Aspire team that helps transform major companies, government agencies, healthcare organizations and educational institutions, empowering them to thrive in the rapidly evolving digital economy. You will be at the forefront of transformative technologies, including collaboration, mobility, cloud computing, big data, social media, virtualization and the Internet of Things (IoT), all in a consultative environment in which these powerful tools, and your skills, hold great strategic value. As a key player in our fast-growing, award-winning organization, you can expect a stimulating work culture, a great team passionate about innovation, and a wealth of opportunities for professional growth and advancement.
Location: Eatontown, NJ
The Security Operations Center (SOC) Incident Responder is responsible for monitoring and responding to security-related alerts triggered in the SIEM tool for Aspire Technology Partners' Managed Service Clients. Primary responsibilities include correlating data from various sources; determining whether a critical system or data set has been impacted; providing recommendations on remediation; supporting new analytic methods for detecting threats; and serving as an escalation point of contact for SOC analysts.
The Incident Responder will use a variety of tools to investigate incidents and take immediate action or recommend a course of action to safeguard Aspire's Managed Services Clients. The Incident Responder will document all incidents and create a clear narrative that supports their conclusions. The Incident Responder will prioritize and differentiate between potential intrusion attempts and false alarms, create and track security investigations to resolution, compose security alert notifications and other communications, and advise incident responders on the steps to take to investigate and resolve computer security incidents.
ESSENTIAL DUTIES AND RESPONSIBILITIES (MAY INCLUDE THE FOLLOWING; OTHER DUTIES MAY BE ASSIGNED):
- Ensure that all SOC (Security Operations Center) tickets are handled and resolved within SLAs (Service Level Agreements)
- Stay up to date with current security vulnerabilities, attacks, and countermeasures
- Monitor security alarm activity from remote communications sites to ensure company compliance
- Create and run search queries in SIEM tools to help with identifying and troubleshooting security issues
- Utilize tools (e.g., Wireshark, Nmap, packet captures) to identify and map devices on the network
- Open, track and close trouble tickets
- Answer incoming calls, monitor various e-mail accounts, and act according to SOC procedures and processes
- Interface with field personnel to mitigate security incidents
- Serve as an escalation point for level 1 and level 2 analysts
- Prepare SOC reports as required
- Investigate and provide technical analysis of various security incidents and possible compromise of systems
- Provide recommendations for responding to malware incidents
- Work directly with other SOC Incident Responders and NOC Engineers for issue resolution
- Provide direct communication to affected users and companies on security incidents and maintenance activities
- Maintain detailed notes within Operational Management systems on all security issue resolution activities
- Maintain customer technical information within defined documentation standards
- Obtain/maintain technical/professional certifications applicable to position or as directed
- Manage and maintain SOC monitoring and alerting systems
- Assess and identify appropriate solutions to be integrated into systems operation, and make recommendations for implementation and troubleshooting
- Communicate with customers, peers, team and managers regarding incident and change management
- Provide emergency on-call support on a rotating schedule
- Perform other duties as assigned
Minimum Education and Exp