Horn Solutions is supporting our customer as they build out the Global SOC. This includes incident/event response, threat remediation, tooling, and process creation and documentation. It also includes assessment and understanding of risk, threat, and vulnerability analysis. You will work with Level I and Level III analysts, receiving escalations from Level I teammates and escalating to Level III where necessary.
You will conduct real-time analysis using cybersecurity tools, including correlation of security log data from numerous devices, static file analysis, live response/investigation on systems, and account containment, per GSOC playbooks, SOPs, and direction from L3 analysts.
- Tools: SIEM/SOAR, EDR / Anti-virus, Cloud (AWS, Azure), Web Proxy, IDS / IPS / NSM, Email Security, Vulnerability Scanners
- Preferred experience with: Splunk, Carbon Black, Sourcefire, Cofense, McAfee, and DarkTrace. Additional SOAR experience a plus.