SOC Analyst – Level 1

If you like to build and grow, apply for immediate consideration. Be part of a team that helps transform major companies, government agencies, healthcare organizations and educational institutions, empowering them to thrive in the rapidly evolving digital economy. You will be at the forefront of transformative technologies, including collaboration, mobility, cloud computing, big data, social media, virtualization, and the Internet of Things (IoT), all of this in a consultative environment in which these powerful tools, and your skills, hold great strategic value. As a key player in our fast-growing, award-winning organization, you can expect a stimulating work culture, a great team passionate about innovation, and a wealth of opportunities for professional growth and advancement.

POSITION SUMMARY:

The SOC Analyst (Level 1) will use a variety of tools to investigate incidents and take immediate action or recommend a course of action to safeguard Aspire's Managed Services Clients. The SOC Analyst (Level 1) is responsible for monitoring and responding to security-related alerts triggered in the SIEM tool within Aspire Technology Partners' Managed Service Clients. Primary responsibilities include incident triage; correlation of data from firewall, endpoint security, SASE and IPS logs; determining whether a critical system or data set has been impacted; providing recommendations on remediation; and providing support for new analytic methods for detecting threats.

Hours: Wed: 10pm to 7am EST; Thurs: 8pm to 7am EST; Fri: 8pm to 7am EST; Sat: 7pm to 7:30am EST.

ESSENTIAL DUTIES AND RESPONSIBILITIES: MAY INCLUDE THE FOLLOWING. OTHER DUTIES MAY BE ASSIGNED.

  • Ensure that all SOC (Security Operations Center) tickets are handled and resolved within SLAs (Service Level Agreements).
  • Perform detailed analysis of threats and security events, using sound analytical skills, knowledge, and experience, with a clear narrative to support conclusions.
  • Maintain records of security events investigated, detailed notes of security incident resolution, and incident response activities, utilizing ticketing systems.
  • Make situational incident response recommendations based on best practice security policies that address the client’s business need.
  • Research and stay up to date with current security vulnerabilities, attacks, threat actors, security advisories and the MITRE ATT&CK Framework.
  • Manage, maintain, and monitor security alerting systems from remote communications sites to ensure company compliance.
  • Create and run search queries in SIEM tool to help with identifying and troubleshooting security issues.
  • Utilize tools (e.g., Wireshark, Nmap, PCap, etc.) to identify and map devices on the network.
  • Open, track and close trouble tickets.
  • Answer incoming hot line calls and monitor various e-mail accounts and act according to SOC procedures and processes.
  • Interface with client through email, phone calls, and meetings or Aspire field personnel to mitigate security incidents.
  • Assist with the preparation of SOC reports, research papers, and blog posts.
  • Investigate and provide technical analysis of various security incidents and possible compromise of systems.
  • Work as Tier I support, working directly with Tier II, Tier III and NOC Engineers for issue resolution.
  • Provide direct communication to affected users and companies on security incidents and maintenance activities.
  • Maintain customer technical information within defined documentation standards.
  • Obtain/maintain technical/professional certifications applicable to position or as directed.
  • Communicate with customers, peers, team, and managers regarding incident and change management.
  • Provide emergency on-call support on a rotating schedule.
  • Perform other duties as assigned.
Minimum Education and Experience:

  • High School Diploma or equivalent
  • 1+ year of professional work experience in cyber security field
  • 1+ year of experience with Security Event / Alert Management, Incident Response, and Change Management Processes
  • 1+ year of experience handling security events related to Malware Detection and Analysis, Indicators of Compromise (IOC), Email Phishing, Endpoint Detection and Response (EDR)
  • Knowledge of Runbooks, Playbooks and following Standard Operating Procedures

Preferred Education and Experience:

  • Bachelor’s Degree preferred.
  • Possession of an Industry Certification (Security+, CySA+, Cisco Cyber-Ops Associate, NSE4, or similar)
  • 1+ years of experience in Security Management, SIEM and Log Management (Splunk, OSSIM, FortiSIEM, LogRhythm, etc.)
  • Experience with Firewalls (Palo Alto Networks, Cisco Firepower Manager)
  • Experience with Endpoint Security (Cisco Secure Endpoint, CrowdStrike Falcon, Carbon Black, Microsoft Advanced Threat Protection)
  • Experience with Network Traffic Analytics (Cisco Stealthwatch Cloud, Darktrace)
  • Experience with DNS Security (Cisco Umbrella, Forcepoint)
  • 2+ years of experience with Ticket Management Tools (e.g., ConnectWise, ServiceNow)

Other Skills and Abilities:

  • Excellent Interpersonal Skills (develop and maintain strong working relationships)
  • Displays ownership of tasks
  • Detail-oriented with strong written and verbal communication skills.
  • Ability to prioritize tasks.
  • Strong organizational skills
  • Occasional overtime, afterhours work, or weekend availability may be required.
  • Basic telephone operation skills
  • Excellent customer service skills
  • Familiarity with ITIL Processes
  • Proficiency in Microsoft Office programs and ability to learn specialized system tools.
  • Ability to multi-task in a fast-paced environment.

TRAVEL: Limited to No Travel

PHYSICAL DEMANDS: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of this job, the employee is regularly required to sit and talk or hear. The employee frequently is required to stand; walk; and use hands to finger, handle, or feel objects, tools, or controls. The employee is occasionally required to reach with hands and arms. The employee must occasionally lift and/or move up to 35 pounds. Specific vision abilities required by this job involve normal vision.

WORK ENVIRONMENT:

In Office: Employees located within one hour and thirty minutes of our main location will be expected to come into the office 5 days per week. Temporary remote work is possible if authorized by your manager.

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

The noise level in the work environment is usually quiet to moderate.

Remote: Anyone over one hour and thirty minutes from our main location can work remotely. Necessary equipment to perform your job functions will be sent to your address. All equipment will be tracked in our inventory system and will be expected to be returned in the same condition as when it arrived at the conclusion of any employment agreement. You may be asked to visit client or remote sites if necessary.

Aspire strives to provide full time employees with a competitive and meaningful benefits package that includes:

  • 401k with company match
  • Medical with prescription drug coverage, dental and vision care; effective first day of the following month.
  • Company paid Long Term Disability (LTD), Company paid Life & AD&D, Federal Spending Account.
  • Generous paid time off and holidays.

Aspire Technology Partners, LLC is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any other characteristic protected by law.