Experience:
• Extensive experience with Palo Alto Cortex XDR, including a deep understanding and practical application of XQL queries, is required.
• Extensive experience in a SOC environment, with a strong background in threat detection, incident response, and threat hunting.
• Experience with threat intelligence platforms and with integrating threat intelligence feeds into security tools to enrich threat detection.
• Experience in proactive threat hunting to identify and neutralize emerging threats.
• Experience or working knowledge of cloud, network, and application security.
• Experience in Biotech/Pharma is a plus.
Knowledge/Skills/Abilities:
• Proficiency with SOC tools and technologies such as SIEM (Splunk), EDR (Cortex XDR), and IDS/IPS (e.g., Snort, Suricata).
• Strong scripting skills (e.g., Python, PowerShell) to automate tasks, enhance detection capabilities, and develop automation through a SOAR platform.
• Ability to configure and fine-tune security tools to maximize their effectiveness by integrating various log sources and data feeds to enhance visibility and detection.
• Ability to work with various data sources to create high-fidelity alerting.
• Knowledge of machine learning and behavioral analytics to identify anomalies and potential threats.
• Ability to develop and refine correlation rules within the SIEM to detect complex attack patterns, leveraging the MITRE ATT&CK framework.
• Strong analytical skills to correlate events and make informed decisions based on data.
• Ability to analyze user behaviors and network traffic to detect suspicious activities.
• Ability to establish and maintain strong relationships with security vendors.
• Extensive knowledge of DNS, network protocols, firewalls, VPNs, web application firewalls, email security, IPS/IDS, SIEM, DLP, cryptography, application whitelisting, and endpoint protection.
• Excellent communication skills.
• Resourceful and proactive to find innovative solutions to challenges.
• A mindset focused on continuous learning and improvement.
• Outstanding judgment and problem-solving skills, including negotiation and conflict resolution.
• Ability to work in a team environment, create timelines, and continually make necessary adjustments.
Education:
• Any graduate.