SOC Analyst

At HCSC, we consider our employees the cornerstone of our business and the foundation to our success. We enable employees to craft their career with curated development plans that set their learning path to a rewarding and fulfilling career.

Come join us and be part of a purpose driven company who is invested in your future!

Job Summary

This position is responsible for monitoring multiple feeds in a 24/7 environment to immediately detect, verify, and respond swiftly to cyber treats, e.g. vulnerability exploitation, malware, cyber-attacks, etc.; serving as a technical escalation resource and provide mentoring for Tier 1 Security Operations Center (SOC) analysts; working collaboratively with multiple teams and personnel; working with other SOC analysts as well as subject matter experts within the larger distributed Cyber defense team including; cyber threat hunters, threat intelligence analysts and forensic investigators; participating and take active role in red-team/blue-team simulated attacks and table top exercises; partnering with Security Design and Architecture Engineers to implement and improve technology and process to enhance SOC monitoring, investigation, and response capabilities.

Job Responsibilities:

This position is responsible for monitoring multiple feeds in a 24/7 environment to immediately detect, verify, and respond swiftly to cyber treats, e.g. vulnerability exploitation, malware, cyber-attacks, etc.; serving as a technical escalation resource and provide mentoring for Tier 1 Security Operations Center (SOC) analysts; working collaboratively with multiple teams and personnel; working with other SOC analysts as well as subject matter experts within the larger distributed Cyber defense team including; cyber threat hunters, threat intelligence analysts and forensic investigators; participating and take active role in red-team/blue-team simulated attacks and table top exercises; partnering with Security Design and Architecture Engineers to implement and improve technology and process to enhance SOC monitoring, investigation, and response capabilities.

As the health care industry continues to rapidly transform, our IT team conceives, develops and delivers impactful technology solutions to support access to quality, affordable health care for our members. We are driven by our collective company purpose: To do everything in our power to stand with our members in sickness and in health®. Our IT team unleashes the power of this purpose through technology. We come to work every day to make a difference, and we deliver the highest quality and best solutions to our members.

Required Job Qualifications:

* Bachelor's Degree and 4 years' work experience in a relevant role, i.e. SOC Analyst, Incident Response, Cybersecurity Threat Analyst OR 8 years of relevant military experience.

* Problem solving and troubleshooting skills with the ability to exercise mature judgment.

* Oral and written communication skills

* Attention to detail in conducting analysis combined with an ability to accurately record full documentation in support of their work.

* Experience with event analysis leveraging SIEM tools (e.g. Splunk, ArcSight),

* Log parsing and analysis skill set and previous experience developing and refining correlation rules

* Experience with NIDS/HIPS/EDR infrastructure & tools.

* Experience with Signature development/management (e.g. Snort rules, Yara rules)

* Experience with protocol analysis and tools (e.g. Wireshark, Gigastor, Netwitness, etc.)

* Experienced in mentoring and training junior analysts

* Working knowledge of current cyber threat landscape (e.g. threat actors, APT, cyber-crime, etc.)

* Working knowledge of Windows and Unix/Linux

* Working knowledge of Firewall and Proxy technology

* Knowledge of malware operation and indicators

* Knowledge of Data Loss Prevention monitoring

* Knowledge of forensic techniques

* knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP, etc.)

* knowledge of penetration techniques

* knowledge of DDoS mitigation techniques

Preferred Job Qualifications:

* Bachelors Degree in Computer Science, Information Systems.

* Experience in an enterprise environment with any of the following: ArcSight, Sourcefire, TrendMicro DDI, Splunk, Hadoop

* Experience in System or Network Administration, Penetration Testing or Application Development

* Security Certifications Preferred (Including but not limited to the following certifications):

* Cybersecurity Nexus (CSX) Practitioner

* Certified Incident Handler (GCIH)

* Certified Intrusion Analyst (GIAC)

* Offensive Security Certified Professional (OSCP)

* Certified Expert penetration tester (CEPT)

* Certified Information Systems Security Professional (CISSP)

* Networking Certifications (CCNA, etc)

* Platform Certifications (Microsoft, Linux, Solaris, etc)."

*Soft Skills - Candidate will need to be able to communicate technical information regarding cases upwards to leadership in a comprehensive manner.

We encourage people of all backgrounds and experiences to apply. Even if you don't meet every listed qualification, apply anyway - you might have qualifications we haven't even thought of yet.

#LI-Hybrid

Are you being referred to one of our roles? If so, ask your connection at HCSC about our Employee Referral process!

HCSC Employment Statement:

HCSC is committed to diversity in the workplace and to providing equal opportunity and affirmative action to employees and applicants. We are an Equal Opportunity Employment / Affirmative Action employer dedicated to workforce diversity and a drug-free and smoke-free workplace. Drug screening and background investigation are required, as allowed by law. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.