Senior SOC/Cyber Security Analyst - Texas - Blue Cross & Blue Shield
As the health care industry continues to rapidly transform, our IT team conceives, develops and delivers impactful technology solutions to support access to quality, affordable health care for our members. We are driven by our collective company purpose: To do everything in our power to stand with our members in sickness and in health®. Our IT team unleashes the power of this purpose through technology. We come to work every day to make a difference, and we deliver the highest quality and best solutions to our members.
This position is responsible for monitoring multiple feeds in a 24/7 environment to immediately detect, verify, and respond swiftly to cyber threats, e.g. vulnerability exploitation, malware, cyber-attacks, etc.; serving as a technical escalation resource and provide mentoring for Tier 1 Security Operations Center (SOC) analysts; working collaboratively with multiple teams and personnel; working with other SOC analysts as well as subject matter experts within the larger distributed Cyber defense team including; cyber threat hunters, threat intelligence analysts and forensic investigators; participating and take active role in red-team/blue-team simulated attacks and table top exercises; partnering with Security Design and Architecture Engineers to implement and improve technology and process to enhance SOC monitoring, investigation, and response capabilities.
Required Job Qualifications:
*Bachelors Degree and 3 years work experience in a relevant role, i.e. SOC Analyst, Incident Response, Cybersecurity Threat Analyst
*Problem solving and troubleshooting skills with the ability to exercise mature judgment.
*Oral and written communication skills
*Attention to detail in conducting analysis combined with an ability to accurately record full documentation in support of their work.
*Experience with event analysis leveraging SIEM tools (e.g. Splunk, ArcSight),
*Log parsing and analysis skill set and previous experience developing and refining correlation rules
*Experience with NIDS/HIPS/EDR infrastructure & tools.
*Experience with Signature development/management (e.g. Snort rules, Yara rules)
*Experience with protocol analysis and tools (e.g. Wireshark, Gigastor, Netwitness, etc.)
*Experienced in mentoring and training junior analysts
*Working knowledge of current cyber threat landscape (e.g. threat actors, APT, cyber-crime, etc.)
*Working knowledge of Windows and Unix/Linux
*Working knowledge of Firewall and Proxy technology
*Knowledge of malware operation and indicators
*Knowledge of Data Loss Prevention monitoring
*Knowledge of forensic techniques
*knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP, etc.)
*knowledge of penetration techniques
*knowledge of DDoS mitigation techniques
Preferred Job Qualifications:
*Bachelors Degree in Computer Science, Information Systems.
*Experience in an enterprise environment with any of the following: ArcSight, Sourcefire, TrendMicro DDI, Splunk, Hadoop
*Experience in System or Network Administration, Penetration Testing or Application Development
*Security Certifications Preferred (Including but not limited to the following certifications):oCybersecurity Nexus (CSX) Practitioner oCertified Incident Handler (GCIH)oCertified Intrusion Analyst (GIAC)oOffensive Security Certified Professional (OSCP)oCertified Expert penetration tester (CEPT)oCertified Information Systems Security Professional (CISSP)oNetworking Certifications (CCNA, etc)oPlatform Certifications (Microsoft, Linux, Solaris, etc).