Security Analyst – Level 1

🔥 0 minutes ago

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

ProArch

WebsiteLinkedInAll Job Openings

201 - 500 employees

🤖 Artificial Intelligence

🔒 Cybersecurity

Artificial Intelligence • Cybersecurity • Cloud

ProArch is a technology company that specializes in providing digital engineering, cloud services, data and AI solutions, and cybersecurity measures. They help businesses unleash their full potential by modernizing operations, protecting assets, and delivering data-driven insights. ProArch works closely with clients to eliminate roadblocks to growth and aligns advanced technology solutions with business goals to empower organizational success. As an award-winning Microsoft Gold Partner, they offer a wide range of services including AI consulting, software development, quality assurance, infrastructure management, governance, risk, and compliance solutions, and operational technology services. Their expertise extends to industries such as credit unions, power generation, and manufacturing, providing tailored solutions to meet each sector's unique challenges.

📋 Description

• SOC Dashboard Monitoring. • First Response to Alerts generated from Security Solutions ingested in the SIEM/SOAR Tool. • Verifying the Facts and Enriched Data in Incidents using SOAR Platform. • Preliminary triage based on the facts from the SOAR. • Sending email notifications for Medium & lower priority alerts to the client for confirmation on potentially false or benign alerts. • Helping seniors in triage, evidence collection, incident documentation, etc. • Reporting to the Shift Lead about the alerts handled during the shift and updating the SHO Sheet. • Escalation of Incidents based on the preliminary triage using the escalation workflow in case of possible true positives. • Identifying daily repeat false positive alerts, and interesting patterns based on monitoring of alerts. • Reporting any tool outages or monitoring downtime during one’s own shift to the Shift Lead or Leads asap. • Performing Monthly Maintenance Tasks for Health Checks for the Security Monitoring and Response Tools • Develop, test, and fine-tune detection rules and use cases based on log sources, threat intelligence, attack patterns, and client requirements. • Identify emerging threats and incorporate them into use-cases for alerts and detections. • Optimize and refine alert thresholds and logic to minimize false positives and enhance detection accuracy. • Leverage expertise in Microsoft 365 Defender/Defender XDR, Microsoft Defender for Endpoint, Defender for Office 365 and Entra ID Protection to improve overall threat detection and response. • Analyze security logs and telemetry data for signs of compromise, anomalous activities, or malicious behavior. • Prioritize the work effectively and handle shifting priorities professionally. • Work closely with cross-functional teams (IT, Cloud Operations, Application Development) to mitigate security risks and improve SOC capabilities. • Create detailed reports and post-analysis reports to communicate findings and recommendations to technical and non-technical stakeholders. • Contribute to continuous improvement of SOC processes, including SOPs, playbooks, runbooks, and escalation procedures. • Stay updated with the latest threat landscape, vulnerabilities, and attack methods. • Share knowledge and insights with other SOC analysts and participate in team knowledge-sharing sessions. • Participate in red/blue team exercises to test and improve detection and response capabilities.

🎯 Requirements

• Bachelor’s degree in computer science/engineering/IT/Computer Applications or significant demonstrable experience in IT Security / IT. • Outstanding Written, Verbal, Technical, Non-Technical, communication & presentation skills. • Self-directed with the ability to prioritize and handle SOC Operations and Alert inflow. • Eager learner continually improving skill sets, earning certifications, and gaining industry knowledge. • Very good analytical skills • Outstanding written communication and verbal skills • 95% of our clients are from USA. Thus, a good command over English language is a must. • Good to have any of these Microsoft Certifications: SC-200, SC-900, AZ-500, SC-300, SC-400. • Relevant certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), or Certified Ethical Hacker (CEH) are preferred.