Security Operation Center Engineer (SOC Engineer)

SOC Engineer serve as subject matter experts to security threats, alerts, and incidents, as part of Spectrotel 24/7 SOC team. Our SOC Engineers are responsible for tuning security alerts detected by FortiSIEM, FortiEDR, and DarkTrace NDR, and analyzing all available data to determine if a cyber-attack is occurring, scoping the extent of a suspected attack, coordinating efforts to contain attacks, performing forensic investigations to determine the details around threats and attacks, and providing guidance on remediation actions.

Great opportunity for a Security Operations Engineer to join a growing company!

REQUIRED SKILLS:

• Prior experience working in any of the following three: Security Operations Center (SOC), Network Operations Center (NOC), Computer Incident Response Team (CIRT)
• Experience in the detection, response, mitigation, and/or reporting of cyber threats affecting client networks
• Experience in computer intrusion analysis and incident response
• Working knowledge of Intrusion detection/protection systems
• Knowledge and understanding of network devices, multiple operating systems, and secure architectures
• Ability code in one or more general purpose languages
• Strong understanding of various Linux OS’s (Centos, Ubuntu, Debian, etc)
• Understanding of various virtualization platforms VMware, HyperV, and VirtualBox
• Working knowledge of network protocols and common services
• Current experience with network intrusion detection and response operations (Protect, Defend, Respond and Sustain methodology)
• Experience responding to and resolving situations caused by network attacks
• Ability to assess information of network threats such as scans, computer viruses or complex attacks
• Working knowledge of WAN/LAN concepts and technologies
• SIEM content Analysis, Development and Testing
• 6 months recent experience (within the last 2 years) with Fortinet
• Familiarity with packet analysis to include: HTTP Headers & Status codes, SMTP Traffic & Status codes, FTP Traffic & Status Codes
• Excellent written and verbal communication skills;
• Penetration testing with Metasploit/Burp Suite/Hydra

EXPERIENCE

• 5+ years of related work experience with a Bachelor's degree; or 4 years with Master's degree
• FortiSIEM, FortiEDR, and Dark Trace NDR
• Familiar knowledge of Process and IT service management concepts such as ITIL and ITSM
• Familiarity with digital forensic techniques and recoveries

Education / Certification /Training Minimum

• Bachelor's Degree in Management Information Systems, Computer Science is preferred. Desired
• Master's degree in Computer Security, Cybersecurity, etc.
• Certifications related to security (such as Security+, GSEC, GCIH, GCIA, CISSP, NCSF, etc.)
• Certifications in Fortinet