Job Summary
The ELK Analytics team is looking for highly motivated individuals to join us in our mission of protecting customer networks from advanced threats. The SOC Analyst is the first line of defense and focuses primarily on 24/7 monitoring, validation, and threat hunting.
Responsibilities
- Conduct alert validation and triage within SIEM and EDR platforms.
- Create complex visualizations to provide customers with actionable insights into their environments.
- Perform threat hunting in order to identify suspicious artifacts within networks.
- Document research and analysis findings.
- Conduct tuning activities to mitigate false positive or noisy alerts.
Minimum Qualifications / Requirements
This position does not require any formal college education or industry experience. The ELK Analytics team values those attributes but acknowledges that they are not the only path to develop security analyst skills. The only formal requirements for this position are as follows:
- Critical thinking
- Strong security fundamentals and security awareness
- A passion for security and learning
Ideal Candidates
The ideal candidate for this position will have a foundational understanding of SOC operations, SIEM infrastructure, and endpoint detection and response (EDR). This candidate will be capable of reading and writing basic scripts in any language.
Job Type: Full-time
Pay: $40,000.00 - $60,000.00 per year
Benefits:
- Dental insurance
- Health insurance
- Paid time off
- Vision insurance
Schedule:
- 10 hour shift
- Day shift
- Night shift
Application Question(s):
- What is your desired salary for this position?
- Please describe how you would triage an unknown sample to confirm if it is malicious or not.
- Why do you want to be a Security Analyst?
- What is your favorite source of security industry news (website, blog, etc.)? Why is this your favorite? What interests you about it?
- What is the purpose of Active Directory and Group Policy? How might you use AD/GPO as a Systems Administrator? How might you use AD/GPO as an Incident Responder?
Work Location: Remote