Soc Analyst Ii

OverviewPosted Monday, September 29, **** at 4:00 AMAbout eSentireeSentire is on a mission to hunt, investigate and stop cyber threats before they become business disrupting events.We were founded on the premise that if you can't find a solution, you build it.Entrepreneurship and innovation are in our DNA.Our culture is based on transparency, teamwork, and continuous innovation.As the authority in Managed Detection and Response, we protect the critical data and applications of ****+ organizations in 80+ countries, across 35 industries from known and unknown cyber threats.The Global Security Operations Centre (GSOC) is central to eSentire's Service Delivery Organization (SDO) with a growing team of over 100 passionate members across two SOC locations in Canada and Ireland.The GSOC delivers comprehensive security services to customers worldwide on a 24x7 basis, utilizing best-in-class tooling from both external vendors and internally developed technologies.We are trusted by over **** organizations globally to detect and respond to cyber threats and to protect them from business disruption.eSentire considers employee development, wellbeing, and mental health as top priorities.GSOC Analysts operate on static and predictable 8-hour shifts which offer a healthy work-life balance and are provided with resources to develop and grow their careers.The successful candidate will perform Tier II security analysis tasks across network, endpoint, log, and cloud security in a fast-paced and dynamic environment.In addition to the Tier 1 responsibilities listed below, Tier II SOC Analysts are also responsible for the following:ResponsibilitiesCompleting more complex high priority/escalated client support ticketsParticipating in Incident/Breach response investigations and deliver incident response reports and after-action reviewsWork on various internal projects/initiatives such as UAT of new SOC tools, working cross functionally with other teams/departments as a stakeholder for the Service Delivery OrganizationWriting or providing input to our Learning and Development team on KB Articles or training contentDelivering training modules and conducting assessments with new hiresOngoing mentoring and coaching of Tier I AnalystsParticipating in Quarterly Service Reviews (QSRs) with our Customer Success Team providing technical input from the SOC where necessarySecondary review and approval of permanent signal filters, Global Denylist IP Nominations, and high priority client alertsCritical Event Reviews – performing secondary audits of selected signals and following up with analysts and clients as necessaryAnalyze incoming security signals in real time with a balance of accuracy and speed using a variety of forensic toolsApply investigative tools, techniques and procedures (TTPs), use your understanding of the security threats associated with the incoming signals and follow defined Runbooks to determine and execute the relevant actionsPerform allowlisting/filtering of false positive signalsFor confirmed true positive signals, you will alert clients using defined templates and escalate high priority alerts to clients by phoneBlock malicious network traffic and isolate infected hosts on customers networksAdd malicious IOC's to eSentire's Global Denylist for all customers where appropriateComplete basic-intermediate client support requests/queries assigned by the operations lead.Work directly with clients via email/phone as needed to complete these tasksHandle some service administration and troubleshooting tasksRequirementsRelevant degree in Computer Science, IT Security, IT Management, IT Support or related discipline.The completed course must include a strong focus on networking and security.3+ years' full-time experience in a Security Operations Centre or similar Cyber Security Analysis role excluding time spent on an intern or work experience programHands on experience in at least one of the following Security domains:Network Security including Intrusion Detection Systems (IDS)Windows Endpoint Security, using EDR products such as VMware Carbon Black Response/Threat Hunter, Crowdstrike Falcon or Microsoft Defender ATPSIEM/Log Management, using products such as SumoLogic, Splunk or similarKnowledge and experience of network and endpoint security technologies including:Snort/Suricata, Packet Capture (PCAP) Analysis using WiresharkWindows system internals, knowledge of PowerShellLinux Kernel and basic scripting (Bash/Python) knowledgeAnalytical mind with strong attention to detail and a commitment to quality of serviceStrong customer facing written and verbal communication skills with the ability to effectively communicate complex security concepts with end customersDemonstrated experience to confidently handle escalated client issues, diffuse challenging situations and deliver an optimal customer experienceNatural ability to thrive in a fast-paced and time sensitive environmentOur Culture and ValuesAt eSentire we work in a collaborative and innovative work environment.We work with brilliant and passionate people who strive and encourage others to do their best.eSentire's idea-rich environment welcomes creative and sometimes unconventional perspectivesWe celebrate diversity, operating with mutual respect and consideration, in an environment that fosters inclusivity for all.We believe that a variety of perspectives, backgrounds, and experiences make us stronger – if you're enthusiastic about this opportunity but don't meet every qualification, we encourage you to apply anyway.It takes a diverse set of thoughts, cultures, backgrounds, and perspectives to be a true market leader.Total RewardsWe believe in rewarding performance and providing comprehensive benefits tailored to support your well-being.Our package includes comprehensive health benefits, a flexible vacation plan, and participation in our company-wide equity program, allowing you to share in the success and growth of our organization.AccommodationIf you have any accessibility requirements during the recruitment process, please reach out to our HR team at ****** and any accommodation needs will be addressed upon request.Your talents and unique perspectives are valued, and we look forward to the opportunity to work together to build a more inclusive future.It\'s our mission at eSentire to protect our customers 24/7/365 and we extend this conviction to job seekers.During the application and interview process, eSentire will communicate with you from one of our corporate "@esentire.com" email addresses, never from a public email address.We strive to provide a welcoming, respectful, and thorough interview process, providing the candidate with ample opportunity to spend time with the hiring manager, recruiter, and future colleagues face to face, or using a video conference technology.#J-*****-Ljbffr