Security Operations Center Analyst

Horizon Technologies is looking for Security Operations Center (SOC) Analysts for one of its clients in Canada who will work in their Network Operations and Security Operations Center team.

You will work collaboratively to detect and respond to information security incidents, develop, maintain and follow procedures for security event alerting and participate in security investigations.

You will perform tasks including monitoring, research, classification, and analysis of security events that occur on the network or endpoint.

You should have familiarity with the principles of network and endpoint security, current threat and attack trends, and have a working knowledge of security principles such as defense in depth.

You must be competent to work at a high technical level and be capable of identifying threats, and threat vectors that cause security events.

Your Responsibilities

As SOC Analyst you will have the following responsibilities and tasks:

Monitor network and information systems security alerts and notifications of potentially malicious activity

To be specific the following devices/systems to be monitored IPS/FWAntivirusURL/DNS filtering Wifi ApsSIEM

Conduct an impact assessment and determine the classification of detected events

Identify, report, and investigate potential security incidents

Coordinate escalations to appropriate support teams to ensure timely incident resolution

Perform technical troubleshooting and security analysis of incidents

Identify and recommend threat containment and eradication actions

Maintain intrusion detection system signatures

Perform tuning of SIEM filters and events correlation to ensure continuous monitoring improvements

Perform continuous vulnerability management scans (CVMS) of the infrastructure

Analyze and report on the findings of the CVMS, determining existing security vulnerabilities and identifying false positives

Develop and maintain effective and efficient SOC standard operating procedures

Maintain awareness of evolving threats, trends, and technologies; and perform knowledge sharing with other members of the team

Assist in information security risk assessment activities

Assist in security investigations, training, and awareness exercises

Other related tasks as required Security Clearance

Mandatory: Reliability Status or the eligibility to obtain and maintain it

Your Required Qualifications

You have 2-5 years of experience in SOC operations or a related technical IT operations field

Graduation with a degree in Computer Science, Computer Engineering, Information Security Program or a related discipline

You have experience in security assessment and incident management

Technical education, preferably in computational sciences or business information technology

You have basic experience in IT risk management, Information Security, and IT processes

Knowledge of information systems hardening i.e. operating systems, network devices, and application security

Knowledge of incident response methodologies e.g. NIST, SANSSANS GIAC, CISSP, CISA, or other security certification would be an asset

Strong troubleshooting and analytical skills

Ability to work autonomously with attention to detail

Ability to communicate effectively and write concisely and clearly

Knowledge of ITIL is an asset

Excellent communication skills in English

Your Desired Qualifications

Skills in performing vulnerability scans and assessments

Skills in setting up and maintaining firewalls

Skills in macOS and Linux

Skills in scripting languages