Essential Functions (All Levels)

• Essential Functions (All Levels)
• Knowledge of basic business applications; i.e. MS Word, Excel, Outlook;
• Knowledge of network, desktop and server technologies;
• Strong verbal and written communication skills;
• Exhibits professionalism;
• Monitor, analyze, and investigate security events in accordance with proficiency level (I/II/III);
• Conduct Information Security research and provide accurate action and response;
• Create and Modify collateral, with guidance, to reflect lessons learned and discovered information; and
• Other duties as assigned by management.
• Proficiency Levels


I.SOC Analyst I: Triage
• Monitor, identify and triage alerts to determine severity and response requirement;
• Ability to perform basic malware analysis, virus exploitation and mitigation techniques;
• Create and manage tickets for alerts to be reviewed by a Level II or above; workshop response for learning and growth;
• Schedule and perform vulnerability scans and prepare initial reports; as directed;
• Demonstrate working knowledge of appropriate software programs used; i.e. monitoring, investigating, and reporting;
• Develop understanding of Intrusion Detection Systems (IDS) and Intrusion Protection Systems (IPS);
• Prove proficiency at handling first level response for security events including but not limited to intrusion detection, malware infections, denial of service attacks, privileged account misuse and network breaches; and
• Stay up-to-date on information technology trends and security standards.


II. SOC Analyst II: Responder
• Have completed training and obtained required certifications as directed by management and Partner;
• Demonstrate the ability to perform advanced malware analysis, virus exploitation and mitigation techniques;
• Starting to demonstrate technical knowledge in a specialty process/function;
• Create and manage tickets for alerts to be reviewed by a Level III or above; workshop response for learning and growth;
• Review and respond to tickets created by Level I analysts;
• Point of escalation and mentoring for Level I analysts for growth;
• Configure and manage security monitoring tools;
• Demonstrates a solid understanding of network, desktop and server technologies;
• Proven experience with network intrusion methods, network containment, segregation techniques and technologies such as Intrusion Detection Systems (IDS) and Intrusion Protection Systems (IPS);
• Use threat intelligence to determine the affected systems and scope;
• Consistently demonstrate the ability to identify, triage, and correlate individual events to either rule out as false positive, trigger standard detective and corrective responses, or escalating as a security incident;
• Research security enhancements and make recommendations to management; and
• General understanding of client businesses and educates self on technical issues related to the clients’ industry. 


III. SOC Analyst III: Hunter
• Demonstrates advanced knowledge with respect to appropriate software programs used by ITSA;
• Performs complex technical research and prepares conclusions for presentation to management and Partner;
• Demonstrates a thorough understanding of network, desktop and server technologies;
• Proven experience with network intrusion methods, network containment, segregation techniques and technologies such as Intrusion Detection Systems (IDS) and Intrusion Protection Systems (IPS);
• Able to deploy, configure and monitor Security Information and Event Management (SIEM) platform for security alerts. Integrate and work with the firms Managed Security Services Provider (MSSP) services;
• Able to work with project lead to implement/manage technical solutions that support internal ITSA processes;
• Independently investigate security breaches and other cyber security incidents and mentor L1/L2 analysts where needed;
• Conduct penetration and other testing as required and requested by management;
• Recommend how to optimize existing tools and recommend improvements to efficiency and effectiveness;
• Demonstrates the ability to productively work with staff and clients in the engagement and manage/complete the day to day responsibilities in the engagement;
• Understands how client business operates and can identify and suggest resolutions for technical issues;
• Ability to inspire client confidence through knowledge, quality of work, and project management;
• Exhibits leadership qualities by communicating with confidence, welcoming feedback and demonstrating professionalism, i.e. positive attitude, good judgment, poise, professional attire and demeanor;
• Takes on additional responsibilities and takes charge of the team to complete the engagement and necessary assignments;
• Is Credible. The staff and clients have confidence in their leadership abilities; perceived as a highly trusted individual; and
• Mentor Level II/III for growth.