Job Summary: The SOC Engineer is part of the Cyber team and serves as an escalation responder to security events within the Security Operations Center. The ideal candidate has strong problem-solving skills and analytical aptitude. This role participates in security posture monitoring and threat response activities and is directly responsible for troubleshooting security events. During security incidents, this role provides additional analysis to establish the extent of the threat and the business impact, then advises on and performs the most suitable course of action to contain and remediate the incident. The SOC Engineer must maintain good knowledge of the threat landscape, help enhance current capabilities, and support the identification of new methods of detecting threats. This role works non-standard hours: a Wednesday - Saturday 10-hour shift on 2nd Shift, 6:30am - 4:30pm CST.
Job Duties:
- Monitors security event platforms and follows the incident playbook for first response, triage, and potential resolution, and participates in postmortem activities as required
- Conducts network monitoring and intrusion detection analysis using various network defense tools, such as intrusion detection/prevention systems (IDS/IPS), firewalls, host-based security systems (HBSS), Azure security tooling, and audit log management
- Provides proactive feedback to improve the current monitoring rules, based on available information and on knowledge and experience
- Creates daily, weekly, and monthly reports for Security Management Team
- Performs front line response and escalation tasks and updates runbooks and procedures as needed
- Compiles statistics and contributes to the improvement and creation of playbooks
- Uses public cyber security resources (e.g. sites/blogs/podcasts) to stay up to date with latest news, threats, and security analysis tools
- Participates in on-call rotation
- Other duties as required
Qualifications, Knowledge, Skills and Abilities:
Education
- High School Diploma or GED, required
- Bachelor's Degree in Information Technology, Cybersecurity, or Computer Science, preferred
Experience
- Three (3) or more years of experience in information security, cybersecurity, systems, or networking, required
- Three (3) or more years of experience with network protocols, configurations, or IT operations, required
- Two (2) or more years of experience with cloud technologies such as Azure, Azure Stack, Azure Backup, AWS, or similar, preferred
- Two (2) or more years of experience with an EDR platform or SIEM platform, preferred
- Experience with help desk ticketing systems and service desk management tools, preferred
License(s)/Certification(s)
- Microsoft SC-900, SC-200, or SC-300, preferred
- Any IT security certifications, preferred
Software
- Experience with four (4) or more of the following, required:
- Microsoft Sentinel
- Information security tools and packet analysis tools (e.g. CB, Wireshark)
- Intrusion Detection (e.g. IDS/IPS tools)
- Firewall troubleshooting
- Strong Windows and Linux skills
- Internet Protocols and Services (e.g. TCP/IP, FTP, HTTPS, SSH)
- Log analysis / Windows event log analysis
- Basic network and host forensics
- EDR solutions
- Troubleshooting and root cause analysis
Other Knowledge, Skills, & Abilities
- Strong verbal and written communication skills
- Excellent interpersonal and customer relationship skills
- Ability to work in a deadline-driven environment while handling multiple projects/tasks simultaneously with a focus on details
- Ability to react quickly, decisively and deliberately in high-stress, high-impact situations
- Ability to multi-task while working independently or within a group environment
- Ability to work well under pressure while dealing with unexpected problems in a professional manner
- Ability to discuss technology and effectively communicate technical issues to all audiences
- Must possess good work habits, a strong work ethic, and be able to adhere to company work hours, policies, and standard business etiquette
KEYWORDS: SOC, Networking, Security, Intrusion Detection, Windows, Linux, Internet Protocol, Network Infrastructure, Host and Network Based Forensics, Antivirus Solutions, Troubleshooting, EDR Platform, SIEM Platform, Cyber Security, Cyber, Security Operations Center.