Security Operations (SOC) Analyst 1

  • Full-time
  • Department: SecOps

Company Description

At Anitian we believe security can be a force for good.  As such, we are on a mission to make security and compliance easy for all. We harness the power and scale of the cloud to empower developers with automated, accelerated, autonomous, and accommodating security technologies.

Anitian is a place where smart people get to be smart. When you join our team, you will enjoy a workplace of creative problem solvers who cherish intelligence, compassion, and boldness.  You will also enjoy the immediate respect of industry peers, as Anitian is recognized as a thought leader in information security.

Job Description

Anitian has immediate openings to work on our Security Operations team. This is an elite team of security analysts who do not merely monitor for attacks and malware; they actively and aggressively hunt for evidence of compromise within our clients' environments. As an Anitian Analyst, you will be part of a revolution in managed security. You will work with brilliant people to spot, track, and eradicate hackers and malware. You will also be in on the ground floor of building a next-generation Security Operations Center (SOC).

Anitian's Security Analysts are the front line for fulfilling the tier-1 security operations and managed detection and response duties of the SOC service. This includes threat hunting and data analysis, assisting with hunt reporting as well as the operation and maintenance of client security platforms. You will apply your strong enterprise IT background by analyzing data from numerous kinds of systems and architectures including cloud platforms as well as triaging questions in accordance with SLAs.

This is a night shift position consisting of 12 hour shifts alternating 3 and 4 nights each week (allowing for alternating 4 and 3 days off each week). 

Duties

Managed Detection and Response - 70%

Effectively perform managed detection and response for clients, entailing:

  • Hunt client data sources such as:
    • SIEM
    • Next Generation Firewalls
    • Endpoint Protection platforms
    • Vulnerability management and scanners
    • Windows and Linux server logs
    • Application server logs
    • Identity management platforms
  • Make use of varied, disparate, constantly changing threat information
  • Operate SIEM and other data analysis platforms
  • Report on threat and vulnerability data using risk-evaluation methodologies


Security Operations – 30%

Effectively perform security operations duties such as:

  • Provide tier-1 support of client security infrastructure including triage of problems from SIEM, endpoint antivirus, vulnerability management, and Windows and Linux systems
  • Communicate client status to both technical and non-technical people
  • Use a Service Desk ticketing system
  • Collaborate with other tiers of support

Qualifications

REQUIRED:

  • Minimum of 2 years in a hands-on IT role that can include either system or network administration
  • Strong written communication skills
  • Familiarity with network, system, and security administration, including:
    • Fundamental Windows and Linux administration
    • Next Generation firewall
    • Intrusion Detection/Prevention systems
    • Vulnerability management platforms
    • Enterprise endpoint protection
    • DNS and fundamental TCP/IP protocols

PREFERRED:

  • Familiarity with use of SIEM including creating and modifying queries and alerts
  • Familiarity with vulnerability scanning and reporting
  • Familiarity with cloud platforms such as AWS, Azure, or Google Cloud
  • Understanding of incident response procedures and practices
  • Understanding of threat intelligence models and data

DESIRABLE:

  • 2+ years of experience working in cloud environments, preferably AWS
  • 1-2 years of experience with Splunk SIEM
  • 1-2 years of experience managing NGFW, preferably Fortinet or Palo Alto Networks
  • 1-2 years of experience with endpoint security, like Symantec or McAfee
  • 1-2 years of experience with vulnerability scanners, preferably Nessus 
  • Experience successfully executing and triaging incident response procedures
  • Experience with security automation technologies, such as Phantom, is highly desirable
  • Formal incident response training or certification, such as SANS 

Additional Information


  • This position is based in Portland, OR.  
  • Relocation reimbursement is not available for this position.
  • Competitive compensation package 
  • Four weeks of PTO with rollover allowance
  • Nine paid holidays
  • Generous benefit package includes 100% paid health care premium and vision for the employee and dental benefits
  • 401K retirement plan, up to 4% matching after a year, and profit sharing
  • Educational / professional development reimbursement program
  • Candidates must pass a criminal background check, reference check and drug test before being hired.
  • Sponsorship for work visas is not available for this position
  • Recruiters, do not contact us about this job
