SOC Engineer

at BDO USA, LLP in Oak Brook, Illinois, United States

Job Description

Job Summary:
The Senior SOC Engineer is a multi-faceted, challenging role that requires excellent attention to detail, the ability to communicate effectively with and influence clients, develop relationships with technical and business contacts, coordinate delivery, operations, and project resources, and follow tasks through to completion. The ideal candidate would have strong problem-solving skills and analytical aptitude. This person is a main point of contact for security posture monitoring and threat response activities and is directly responsible for troubleshooting security events. This role provides the initial analysis during security incidents, establishing the extent of the threat and the business impact, and then advising on and performing the most suitable course of action to contain and remedy the incident. The Senior IT Security Engineer must maintain good knowledge of the threat landscape, help enhance current capabilities, and provide support in identifying new methods of detecting threats.
Job Duties:
Acts as a primary point of contact regarding all questions and information including progress, challenges encountered, and issues identified within the SOC
Provides exceptional client service and develops deliverables and/or solutions to issues
Identifies, grows, and maintains relationships with client personnel, including members of client management
Prepares formal and informal presentations for various internal meetings
Reviews and participates in project plans for the improvement of service delivery
Facilitates the project plan making updates as directed by the management team
Manages tasks closely to make sure they are being completed in a timely manner
Documents information from internal project meetings
Escalates any issues to senior management, as needed
Fosters a positive demeanor, learning attitude, and client service mentality with staff
Other duties as required
Supervisory Responsibilities:
Supervises the day-to-day workload of Associates within the SOC to ensure that deliverables are met
Ensures teams are trained on all relevant software
Evaluates the performance of team members and assists in the development of goals and objectives to enhance professional development
Delivers periodic performance feedback and completes performance evaluations for teams in accordance with Firm guidance
Acts as mentor to team members, as appropriate
Qualifications, Knowledge, Skills and Abilities:
Education
High School Diploma or GED, required
Bachelor's Degree in Information Technology, Cybersecurity, or Computer Science, preferred
Experience
Four (4) or more years of examination and remediation experience with cyber security incidents or event reviews involving a range of security products and technologies, required
Three (3) or more years of experience performing analytics examinations of logs and incidents in an IT Services environment, required
Three (3) or more years of experience with advanced ticket management with the understanding of security logs and NOC procedures, required
Three (3) or more years of experience with, and advanced knowledge of, operating systems, network architecture, and security products, required
One (1) or more years of experience scripting security events, required
Three (3) or more years creating or recommending content creation in SIEM/Big Data Solutions, preferred
License(s)/Certification(s)
Microsoft SC-900, SC-200, SC-300, preferred
Any IT security certifications, preferred
Software
Experience with four (4) or more of the following, required:
Microsoft Sentinel
Information Security tools & packet analysis tools (e.g. CB, Wireshark)
Intrusion Detection (e.g. IDS/IPS tools)
Firewall troubleshooting
Strong Windows and Linux
Internet Protocols and Services (e.g. TCP/IP, FTP, HTTPS, SSH)
Networking infrastructure
Log analysis/ Windows event analysis
Network and Host basic forensics
Antivirus solutions
Troubleshooting and root cause analyses
One (1) or more years working with any of the Detection and Response technologies, required:
Cortex XDR, XSOAR, Splunk, Elasticsearch, MISP, FireEye AX/EX/NX/CMS, security orchestrator, Cisco NGIPS/Sourcefire, Palo Alto firewall, McAfee, Cylance, Tanium, Snort, Bro, Suricata, Jupyter notebooks, EnCase, AccessData FTK, Volatility, Wireshark, Nessus/Security Center, Nmap, Metasploit Pro, Windows Event Forwarding, SolarWinds, Logstash, syslog, Sysmon, one-way data diodes, IDA Pro
Languages:
N/A
Other Knowledge, Skills, & Abilities
Strong verbal and written communication skills
Excellent interpersonal and client relationship skills
Ability to work in a deadline-driven environment while handling multiple projects/tasks simultaneously with a...

All qualified applicants will receive consideration for employment without regard to race, age, color, religion, sex, national origin, disability, protected veteran status, or any other classification protected by law.


Job Posting: 11903605

Posted On: May 15, 2024

Updated On: May 15, 2024
