Full-time
Principal Security Operations Center (SOC) Analyst - Symantec - Herndon, VA

About Us:
Symantec Corporation (NASDAQ: SYMC) is the global leader in cyber security. Operating one of the world’s largest cyber intelligence networks, we see more threats, and protect more customers from the next generation of attacks. We help companies, governments and individuals secure their most important data wherever it lives.

We make the world a safer place by helping people, businesses and governments protect and manage their information, so they can focus on achieving their goals.

GSO
In the Global Security Office, you will have the opportunity to work for the protection of Symantec’s information technology, brand, intellectual property, and customer data from misuse or compromise. Security controls have never been more important and, as the leader in security solutions, we are targeted relentlessly and aggressively on many fronts and must defend ourselves accordingly. The Global Security Office is responsible for all aspects of security at Symantec and, as such, is made up of a diverse, multi-disciplinary and highly talented group of individuals who strive every day to protect what is most critical to Symantec.

Description:
The Global Security Office is currently seeking candidates for a Senior SOC Analyst. This is an exciting opportunity to be part of a key team of cyber security professionals here at Symantec, supporting full life cycle cyber security operations.

We are seeking an individual that can bring in-depth security analysis and handling expertise to support daily operations and help grow and mature our current SOC environment. As a Senior Analyst you will directly support the Security Operations Center by applying analytic and technical skills to investigate intrusions, identify malicious activity and potential insider threats, and perform incident response. Additionally, the Senior Analyst will help develop and enhance detection and response capabilities including creation of robust SIEM content, IDS rules, SOP documentation, and implementation of incident response methodologies.

Responsibilities:
Monitor, triage, and prioritize events, alerts and tips for further investigation
Investigate events, alerts and tips to determine if an incident has occurred
Investigate network traffic for potential security incidents using
Conduct in-depth, thorough analysis of network traffic and host activity across a wide array of technologies and platforms
Perform incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts
Compile detailed investigation and analysis reports for internal SOC consumption and delivery to management
Assist and mentor less experienced analyst staff regarding analysis, investigations, and incident response
Evaluate existing technical capabilities and systems and identify opportunities for improvement
Research and test new security tools/products and make recommendations of tools to be implemented in the SOC environment
Regularly review standard operating procedures and protocols to ensure SOC continues to effectively meet operational requirements
Conduct “after action” reviews to identify lessons learned and best practices
Foster innovation, creativity, collaboration, and professional growth of the SOC team
Maintain strong standards, and promote productivity, accountability and high morale
Influence and improve upon existing processes through innovation and operational change
Ensure the SOC analyst team is providing excellent customer service and support

Qualifications:
3+ years of SOC or MSSP experience with at least 1 year in an in-depth technical role
3+ years of SIEM experience – with knowledge of content creation (rules, alerts, etc.)
Strong analytical and investigation skills
Experience with Splunk – preferably proficient with Splunk’s Search Processing Language (SPL), developing correlation rules, dashboards, and custom searches
Experience with automated incident response tools (PSTools, Sysmon, etc.)
Experience with packet capture and analysis (tcpdump/windump, Wireshark, etc.)
Experience with host and network forensics
Strong understanding of security architectures and devices
Strong understanding of threat intelligence consumption and management
Strong understanding of root causes of malware infections and proactive mitigation
Strong understanding of lateral movement, footholds, and data exfiltration techniques
Ability to mentor and coach less experienced security analysts, providing techniques and strategies to dig deeper into investigations
Ability to communicate IT, networking, and security concepts to personnel at all levels of experience and responsibility
Track record of creative problem solving, and the desire to create and build new processes
Strong time management and multitasking skills as well as attention to detail
Experience working in fast-paced environments, and ability to manage workload even during times of stress or escalated activity
Comfortable with impromptu tasking and loosely defined requirements
Excellent oral and written communications skills
Relevant security certifications (CISSP, GCIA, GCIH, GREM, CEH, etc.)
========================================
Symantec is an equal opportunity employer. All candidates for employment will be considered without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, physical or mental disability, veteran status, or any other basis protected by applicable federal, state or local law.
