Security & Network Operations Center (SNOC) Analyst IITampa, FL

Security & Network Operations Center (SNOC) Analyst II Tampa, FL

Are you looking for something different in the IT industry? Are you looking for a challenging, always changing technical role that will give you the opportunity to expand your knowledge and gain experience with new cutting-edge technology?

Then predictiveIT is the place you want to be.

predictiveIT offers IT professionals a career opportunity in which our employees are rewarded with highly competitive compensation, through which they can increase through personal and team performance. IT professionals are constantly challenged and given the opportunity to expand their technical skill set and professional certifications. In addition, PIT has great benefits, fast paced working environment with positive leadership who acknowledge and appreciate their team members!

predictiveIT is currently seeking a career oriented, self-motivated, innovative and dedicated IT professional to join our team as a Hybrid SNOC Analyst III.

Overview

The position may be a hybrid or remote position after your first 90 days are successfully completed.

This position will help with the day-to-day resolution and management of security incidents and security escalations from the service desk and field engineers. The SOC Analyst III will also act as a mentor and escalation point for the SOC team for alerts and incidents. This position will report to the Field Operations and Information Security Manager for direction and strategy.

This person must be able to execute security implementation projects from start to finish, including communications, planning, and technical delivery.

Required Core and Technical Competencies:

• Proven experience in automating processes
• Creative problem-solving abilities
• Proficiency in documentation
• Effective communication skills with technical and non-technical users
• Goal-oriented mindset
• Team Player
• Attention to Detail
• Prior roles in the MSP space, familiarity with MSP-centric tools (ConnectWise, Datto, Kaseya, NinjaOne)
• Microsoft Servers: Setup of Microsoft Domains and group policy best practice
• Experience with Cisco ASA, Ubiquiti, Meraki, Watchguard and SonicWall firewall products
• Familiarity with Dell hardware and VMware virtualization
• Strong IT skills: Windows, AD, Cloud/SaaS, Networking, Security
• Experience with EDR software such as Cisco Amp and SentinelOne

Preferred Technical Competencies

• Familiarity with Darkweb monitoring, advanced email spam filtering and vulnerability scanning
• Experience with cybersecurity training platforms and phishing campaign creation
• Knowledge of forensic evidence concepts
• Knowledge of exploits, vulnerabilities, malware families and network attack vectors
• Understanding of HIPAA, SOC2, or SOX compliance and polices
• Experience with Web-API protocols (REST, GraphQL), JSON/YAML
• Experience with Microsoft Azure / 365
• Proficiency in scripting languages, especially PowerShell
• Experience with RPA products or tools like Microsoft Power Automate
• Python / Jinja knowledge
• Linux experience
• SIEM / SOAR experience
• Familiarity with Cybersecurity tools (EDR, vulnerability scanners, etc.)
• DUO MFA Setup
• Azure

Responsibilities

• Deploy security tool suite to new customers
• Network, systems monitoring management, response, and remediation as well as automating remediations to assist with the reduction of ticket noise
• Lead and champion the advancement of security policies, procedures, and automation
• Serve as the technical escalation point and mentor for lower-level analysts
• Provide forward thinking leadership to our security program
• Advise the Security Team on custom logging and security rules to be modified in tools and applications
• Document and communicate technical findings in incident response engagements
• Maintain a strong awareness of the current threat landscape
• Deep knowledge of forensic evidence concepts
• Deep knowledge of exploits, vulnerabilities, malware families and network attack vectors.
• Familiarity with static and dynamic malware analysis.
• Ability to influence without authority
• Excellent interpersonal and group dynamic skills
• Deep knowledge of/about well-known networking protocols and services (FTP, HTTP, SSH, SMB, LDAP, etc.)
• Ability to manage multiple priorities in a high-pressure role
• Excellent analytical critical and problem-solving skills
• Ability to lead root cause analysis of problems
• Technical and analytical skills to independently handle security incidents and threats
• S.O.A.R. Management
• API integration
• Building playbooks
• Reviewing implementation strategy and framework
• Identify weaknesses in customer infrastructures and suggest improvements
• Knowledge of configuring and implementing technical security solutions (Firewalls, IDS/IPS, Antivirus, SIEM, etc.)
• Understanding varying Security standards PTES, Defense in Depth, etc.
• Programming / Shell scripting experience (PERL, Python, Java, Shell, PowerShell, etc.)

Additional Responsibilities

Position requires some off-hours or weekend work based on pre-scheduling or emergencies

Responsible for participating in the On-Call (after 90 days of employment) rotation and conducting oneself per our On-Call policies and procedures.

Maintain up to date time entries and expenses for billing purposes

Targeted Time Allocation

50% Managing the tools (list of tool), tuning, and optimizing monitoring, management and automation to achieve lower reactive tickets per endpoint per month and reviewing tickets to determine what can be automated month over month in terms of tasks, remediations, standardizations, etc. again the goal being reducing reactive support ticket per endpoint per month

30% Mentoring SNOC team members, working on escalations, and developing standardizations for alert response, mitigation and remediation and assisting in working through centralized services alert tickets, vulnerability remediation, security incident response,

20% Deploying tools communicating with clients and assisting with the onboarding of new clients, internal meetings, and administrative work

Qualifications (Basic)

A SNOC Analyst with 5+ years of Cyber IT Work experience

Associate degree or higher in the field of computer science, information sciences, or related field preferred

Communicate clearly and concisely, both orally and in writing

Able to compile, organize, and analyze complex data

Excellent oral and written communication skills

Excellent organizational, analytical skills; able to work on multiple tasks while meeting deadline

Readily accessible via mobile phone and email during off-hours

Detail oriented, follows and implements corporate procedures and policies

Grace under pressure, must be steady under stress.

Certifications (Preferred)

Certification in security areas such as Security+, CCSP CompTIA Cybersecurity Analyst (CySA+), CompTIA PenTest+ certifications, Certified Ethical Hacker (CEH) or Offensive Security Certified Professional (OSCP). Possesses an advanced certification such as CompTIA Advanced Security Practitioner (CASP+), Certified Information Systems Security Professional (CISSP), GIAC Certified Incidence Handler (GCIH) or Certified Information Security Manager (CISM).