SOC Analyst/Incident Response Analyst
This job is in your area. Enjoy a short commute and work close to home.
Job Description
SOC/Incident Response Analyst
This position is a first-line defense role operating during critical off-hour windows (nights and weekends). The team will be responsible for the initial triage and validation of security alerts generated by Customerβs SIEM, Okta, SentinelOne, Keeper, and Google platforms. The primary objective is to investigate anomalies and escalate confirmed threats to the internal Incident Response (IR) team through PagerDuty.
Core Responsibilities
SIEM Alert Validation: Monitor Jira/BlinkOps for alerts pertaining to: Identity issues, compromised passwords, impossible travel, travel to restricted countries, Superadmin creation in Okta, Admin created in SentinelOne, Google admin account activity (creation/deletion), Splunk data deletion, HoneyCred access in Keeper, and suspected malicious access by Okta, Google, and other systems.
Investigation: Perform manual investigation (running searches in Splunk, Sentinel...