SOC Analyst L1

at  GlassHouse Systems

GlassHouse Systems (GHS) is an enterprise systems, and managed services solutions provider that develops, designs and deploys solutions for leading enterprises in Canada and the US. For almost 30 years, GHS has delivered an enterprise level of service and support to clients. Recognized with industry-leading awards each year, GHS translates this differentiation into positive client experiences.
We are looking for SOC Analyst to monitor and fight threats to an organization’s IT infrastructure, and to assess security systems and measures for weaknesses and possible improvements.

Requirements:

• Experience defining SOC procedures and processes, playbooks and runbooks
• Experience with SOC technologies
• Experience analyzing events and incidents related to IT security
• SIEM experience - creating alerts, reports, dashboards, rules and tuning correlation rules
• 3-5 years of experience in computer security, network security, or information security operations.
• Broad knowledge of information systems and networking technologies, demonstrating understanding related to the functionality of, secure configuration of, and security logs produced by those information systems.
• Knowledge, skills, and abilities to conduct cyber-related or cyber-facilitated activities.
• Strong interpersonal, analytical, organizational, written and verbal communication skills, Customer service experience, working with users over the phone, via email, and in person

Responsibilities:

• Responsible for creating and updating SOC procedures and processes
• Responsible for creating and updating existing playbooks and runbooks
• Executing on processes and procedure
• Executing runbooks
• Day-to-day operational tasks related to the ongoing support of Cyber Operations in a multi-tenant environment.
• Responsible for documenting the incident life cycle, escalation, and providing support during cyber incidents
• Responsible for the tracking and assignment of tickets/events to Cyber Security Team.
• Responsible for analyzing potential threats from multiple sources.
• Responsible for creating filters, reports, dashboards, and alerts in support of Cyber Operations

Personal attributes:

• Strong verbal communication skills and excellent technical writing skills
• Strong team player and enjoys working in a fast-paced team atmosphere
• Ability to manage multiple priorities, commitments and projects
• Ability to communicate complex ideas verbally and through documentation
• Must be able to grasp highly technical concepts quickly, develop content, and independently document features for target audiences

Disclaimer:

• Responsible for creating and updating SOC procedures and processes
• Responsible for creating and updating existing playbooks and runbooks
• Executing on processes and procedure
• Executing runbooks
• Day-to-day operational tasks related to the ongoing support of Cyber Operations in a multi-tenant environment.
• Responsible for documenting the incident life cycle, escalation, and providing support during cyber incidents
• Responsible for the tracking and assignment of tickets/events to Cyber Security Team.
• Responsible for analyzing potential threats from multiple sources.
• Responsible for creating filters, reports, dashboards, and alerts in support of Cyber Operation