Security Analyst III - SOC Analyst
This is an exceptional opportunity to create solutions and programs that can truly make a difference at one of America’s leading health benefits companies and a Fortune Top 50 Company.
Responsible for serving as a Tier 1 SOC Analyst. Primary duties may include, but are not limited to:
- Perform the detailed and repeatable execution of all operational tasks as documented in SOC processes and subordinate procedures.
- Monitor the SOC Main Channel for security events.
- Close or escalate security events as necessary.
- Update all relevant documentation such as shift logs and tickets.
- Identify the impact of incidents on systems and, using available tools, determine if data was infiltrated.
- Document and maintain a knowledge base of alarms (false positives and false negatives, blacklists, whitelists) that IDS and IPS encounter.
- Serve as work area experts for security/information assurance policy recommendations.
- Gather intelligence from sources outside the SOC (both internal and external sources) and leverage for operations.
- Escalate incidents to applicable Anthem entities for remediation.
- Build relationships with other Anthem business units to strengthen security posture throughout the organization.
- Ensure security events and incidents are detected and escalated in a timely manner.
- Provide analysis and investigation to determine if alerts or security events warrant incident classification.
- Track incidents through final resolution.
- Perform incident triage to include determining scope, urgency, and potential impact.
- Drive the Information Fusion Procedure where various data inputs are gathered, analyzed and presented in a meaningful, actionable manner.
- Responsible for long-term analysis and investigation into Anthem network activity, and the creation of custom logic to detect unique or previously undetectable attacks on Anthem’s information assets.
Requires a BA/BS; 3+ years of experience in a support and operations or design and engineering role; or any combination of education and experience that would provide an equivalent background. Technical security certifications (e.g. Systems Security Certified Practitioner) preferred.