Job Description

SOC Analyst

Remote EST

Phone and Video

Long Term

Job Description:

We are seeking a skilled SOC Security Analyst with specialized expertise in Microsoft server support, Tanium security, and SIEM (Security Information and Event Management) technologies. In this role, you will be responsible for leveraging your in-depth knowledge of Microsoft server environments, Tanium endpoint security solutions, and SIEM platforms to enhance our organization's cyber defense capabilities and mitigate security risks effectively.

Key Responsibilities:

1. Microsoft Server Support:
2. Provide expert-level support for Microsoft Windows Server environments, including installation, configuration, and maintenance of server operating systems and applications.
3. Perform regular security hardening and patch management activities to ensure the integrity and resilience of server infrastructure.
4. Collaborate with IT teams to troubleshoot server-related issues and implement security best practices to protect against vulnerabilities and exploits.
5. Tanium Security Operations:
6. Utilize Tanium endpoint security solutions to monitor, manage, and secure endpoints across the organization's network.
7. Configure and deploy Tanium agents to endpoints, ensuring comprehensive visibility and control over endpoint security posture.
8. Develop custom Tanium queries and scripts to identify security threats, vulnerabilities, and compliance gaps in real-time.
9. SIEM Management and Analysis:
10. Manage and maintain SIEM platforms, such as Splunk, log scale, falcon NGSEIM, to collect, correlate, and analyze security event data from disparate sources.
11. Develop and tune SIEM rules, alerts, and correlation logic to improve detection accuracy and reduce false positives.
12. Conduct thorough analysis of SIEM alerts and logs to identify potential security incidents, anomalies, and indicators of compromise (IOCs).
13. Other technologies
14. Incident Response and Investigation:
15. Lead incident response efforts related to Microsoft server breaches, Tanium endpoint security incidents, and SIEM-generated alerts.
16. Conduct detailed forensic analysis and investigation of security incidents to determine the scope, impact, and root cause.
17. Work closely with cross-functional teams to contain, eradicate, and recover from security breaches, following established incident response procedures.

1. Documentation and Reporting:
2. Maintain accurate documentation of configurations, procedures, and incident response activities related to Microsoft servers, Tanium security, and SIEM operations.
3. Generate comprehensive reports on security incidents, investigations, and remediation efforts for internal stakeholders and regulatory compliance purposes.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or related field ( or equivalent mature experience ).
• Extensive experience in Microsoft server administration and support, including Active Directory, Group Policy, and Windows Server roles and features.
• Proficiency in deploying, configuring, and managing Tanium endpoint security solutions.
• Strong understanding of SIEM concepts, architecture, and implementation, with experience working with SIEM platforms.
• Relevant certifications such as MCSE (Microsoft Certified Solutions Expert), Tanium Certified Administrator, and SIEM vendor certifications are highly desirable.
• Excellent analytical, problem-solving, and communication skills.
• Ability to work independently and collaboratively in a fast-paced SOC environment.

Pankaj Kumar

Lead IT Technical Recruiter

Phone : 321-766-9495

Email: pankaj@stellentit.com

Gtalk: pankaj@stellentit.com

Job Tags

Similar Jobs