Job Description

Lead Security Analyst-Swing-

We are looking for a Swing Shift Lead to join the Cyber Analyst team. The Swing Shift Lead is expected to be hands on operationally and supervise the analysts on the swing shift, but more so focused on leading projects to improve the team, identify gaps and solutions, improve the documentation and processes, and prioritizing the case workload amongst the team. The Swing Shift Lead will have several direct reports of junior and senior analysts on the swing shift and will report to the SOC Director. The position is full-time, offers a base and discretionary quarterly bonus, along with excellent benefits. The shift will be 1pm to 9pm Phoenix Time or 12pm to 8pm.

About the Role

• Aid in the development and revision of security operation center procedures, protocols, and systems
• Identify and lead projects with the focus of making technological and procedural improvements to SOC operations
• Ensure efficient and cost-effective staffing and scheduling
• Handle escalated customer facing issues and be the designated incident lead for major incidents
• Develop and execute training for all SOC functions
• Provide first-line supervision, mentoring, and leadership of team members
• Manage a staff of security analysts, hire and train new staff, conduct performance reviews, and provide leadership and coaching for team members
• Assist on an as needed basis with triaging alerts and threat hunting
• Maintain on-call hours to handle escalated events after hours and maintain the ability to provide rare emergency coverage in the SOC if needed

Responsibilities

• Define metrics and reporting strategies that effectively communicate successes and progress of the analyst team
• Ability to analyze packet captures/data and logs to perform incident response and identify potential compromises to customer networks
• Possesses a solid understanding of the TCP/IP protocol suite, security architecture, and common TTP’s (tactics, techniques, and procedures) used by threat actors
• Experience analyzing both log and packet data in a SIEM (RSA NetWitness, Azure Sentinel, Splunk, etc.)
• Strong understanding of incident response methodologies and reporting
• Excellent communication skills, both written and verbal
• Able to remain calm and handle high stress situations in a fast-paced environment
• Strong analytical and problem-solving skills
• Self-motivated and able to balance multiple concurrent projects

Qualifications

• Minimum of four years of experience performing triage/incident response in enterprise environments
• Minimum of four years of experience performing forensic analysis of logs and packet captures to identify malicious artifacts
• Prior experience mentoring/leading a small team
• Higher level security certifications (CEH, GCIH, GCFA, GCFE, GCTI, GCIA, GREM, GPEN, GFNA, OCSP, CISSP, CISM)
• Strong understanding of ATT&CK Framework, common web attacks, NIST or SANS Incident Handling Procedures, knowledge of Windows and Linux operating systems, and networking principles

Pay range and compensation package

SIGN-ON BONUS, WHICH IS 10% OF BASE SALARY

RELOCATION PROVIDED

OPTIONS PROVIDED

Job Tags

Similar Jobs