OculusIT - L3 Cyber Security Analyst - SOAR

Company Description

OculusIT is the premier IT services partner for higher education institutions, offering cost-effective, responsive, and flexible solutions.

We specialize in IT Leadership, Managed ERP, Security and Infrastructure Services, and 24x7 Operations.

Our high-touch, customer-centric approach ensures that clients receive the highest quality service and support.

We are seeking a highly skilled and experienced Cyber Security Analyst L3 to join our team.

The ideal candidate will have strong expertise in cybersecurity investigation strategies, incident response, malware analysis, and advanced threat investigation techniques.

The role also requires proficiency in open-source SIEM tools, EDR platforms, cloud security assessments, and server hardening practices.

This position involves working with US-based clients and requires excellent communication skills.

Key Responsibilities :

- Develop and implement advanced investigation strategies for cybersecurity incidents.

- Conduct detailed log analysis to identify threats, anomalies, and potential breaches.

- Perform malware analysis to understand behavior and mitigate threats.

- Manage end-to-end incident response processes and root cause analyses.

Open-Source SIEM Expertise :

- Configure and fine-tune SIEM to enhance log ingestion, rule creation, and threat detection.

Endpoint Detection and Response (EDR) :

- Analyze endpoint telemetry and execute threat hunting processes.

Cloud Security :

- Provide recommendations to strengthen cloud architecture and user authentication processes.

Server Hardening & CIS Benchmarks :

- Perform security assessments to address identified vulnerabilities.

Threat Intelligence & SOAR Integration :

- Work on SOAR (Security Orchestration, Automation, and Response) platforms to automate incident handling processes.

Incident Handling & Communication :

- Provide clear, concise, and actionable communication to technical and non-technical audiences.

Linux & Log Analysis :

- Investigate unauthorized access attempts and system anomalies.

Client Management :

- Deliver regular reports, updates, and recommendations to clients.

Required Skills and Qualifications :

- Expertise in open-source SIEM platforms like Wazuh, AlienVault, and their integration.

- Proficiency with EDR solutions such as Microsoft Defender, CrowdStrike, Carbon Black, and SentinelOne.

- Strong knowledge of cloud security best practices and architecture reviews.

- Experience in server hardening following CIS benchmarks.

- Familiarity with SOAR platforms and threat intelligence tools.

- Solid understanding of Linux systems and log review methodologies.

- Excellent communication skills for client interactions and technical reporting.

- Proven ability to work with international clients, especially in the US.

Preferred Certifications :

- Certified Incident Handler (GCIH).

- Certified Ethical Hacker (CEH).

- Microsoft Certified: Azure Security Engineer Associate.

- AWS Certified Security Specialty.