Soc Analyst / Incident Responder (Chicago Area)

Company: 7 Layer Solutions
Address: Chicago, IL
Expires: 2023-06-26
Posted: 1 year ago
Job Description
Overview
As an entry-level SOC Analyst and Incident Responder, you are responsible for handling alerts from the various SIEM and EDR tools deployed at 7 Layer Solutions’ clients, from triage through to closure. You are responsible for escalating alerts to the Managed Services teams and working with them to investigate and close those alerts. You are the main point of contact for incident response, threat hunting, and threat intelligence, and you are building a process to communicate new security threats to 7 Layer Solutions’ clients.
Duties include:
  • Create data analyses, statistics, and visualizations
  • Analyze and respond to security threats from Firewall (FW), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Antivirus (AV), Endpoint Detection and Response (EDR), Network Detection and Response (NDR), Email Security, Cloud Security, and other security threat data sources
  • Provide cybersecurity recommendations on new technologies or how to address risks
  • Review reports provided by internal security tools and external MDR partners and ensure all concerns are addressed and communicated
  • Assist in establishing a mature and optimized Security Operations Center discipline to support managed security services, focused on client-facing security information and event management (SIEM) and Endpoint Detection and Response (EDR) engagements
  • Collaborate with 7 Layer Solutions and client technical leads and Subject Matter Experts related to security event monitoring and security incident escalation
  • Conduct operations involving cyber security incident response technologies, including network logging, security information and event management tools, security analytics platforms, and log search technologies
  • Responsible for validating security alerts and ensuring appropriate action is taken to mitigate
  • Perform threat and vulnerability management monitoring and provide remediation guidance
  • Responsible for tuning the SIEM and EDR systems with the vendors
  • Develop standard operating procedures and playbooks to improve cybersecurity monitoring and incident response
  • Respond to clients in a timely manner (within documented SLA) with thorough and concise analysis and recommended actions
  • Collaborate and serve as liaison to key security vendor solution partners
  • Responsible for client onboarding and configuration of phishing and training campaigns and dark web monitoring tools
Minimum Requirements
  • Ability to operate as a team and/or independently while demonstrating flexibility to changing requirements
  • Experience with Windows, Mac, Linux, iOS, and Network Operating Systems
  • Passion for information security
  • Presentation and public speaking abilities
  • Strong business acumen including written and verbal communication skills
  • Experience with Endpoint and Network Detection Response technologies
  • Experience with Incident Response and Threat Hunting
  • Critical thinking and problem-solving skills
  • SOC/Incident Response core skills including security event review, log analysis, host analysis, email analysis, and network analysis
  • Scripting or programming skills (Perl, Python, PowerShell, etc.)
  • Strong interpersonal and organization skills
  • Practical experience with TCP/IP networking
  • Project management skills
Qualifications
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed are representative of the knowledge, skill, and ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform essential functions.
  • Demonstrating foundational knowledge in computer networking, operating systems (both Windows and Unix based operating systems), and virtualization (cloud and on-premises)
  • Experience with Cloud Security configuration best practices
  • Working knowledge of Information Security best practices, audit frameworks, and possibly privacy laws (e.g., familiarity with the ISO 27000 series, SANS, NIST, OWASP Top 10, COBIT, CIS Top 20, CCPA, GDPR)
  • Bachelor’s degree or higher in IT-relevant discipline (Preferred)
  • Possession or active pursuit of certifications such as CompTIA Security+, EC-Council Certified Incident Handler (ECIH) or Certified Ethical Hacker (CEH), and ISC2 Certified in Cybersecurity (CC) is highly preferred
  • Building effective relationships with stakeholders and colleagues

Physical Demands
While performing the duties of this job, the employee is regularly required to talk, hear, and see. The employee may be required to sit for long periods of time and may spend a significant amount of their time on a computer. The employee will occasionally lift, push, or move up to 10 pounds.

Work Environment
The noise level in the work environment is usually moderate.