Job Information
Coretek Services SOC Security Analyst - Level 1 in Farmington Hills, Michigan
Join a highly skilled and motivated team of Cyber Security Professionals tasked with protecting Coretek and its customers. The Cyber Security Analyst level 1 is an entry-level role that is primarily focused on responding to alerts, setting up cases for escalation, and triage. Analysts will leverage Microsoft Sentinel as well as cyber case management and supplementary tools to investigate, contain, and remediate cyber security incidents. The Cyber Security Analyst must have a drive to learn and grow as the industry changes and Coretek adapts rapidly.
Coretek understands that a candidate may not possess all the skills required of a Security Analyst for the unique service provider space and will educate and grow the right candidate. At Coretek the desire to learn and work within a team is a requirement of the position. Skills in other disciplines are always welcome and show a candidate's ability to adapt. Those with formal education are welcomed as well as those that are self-taught. Structured training as well as on-the-job experience is a required part of the job to bring security professionals up to speed for the complex requirements and fast-paced environment of a service provider. Security Analysts must have a drive to learn and grow as the industry changes and Coretek adapts.
ESSENTIAL FUNCTIONS:
Respond to alerts and validate findings
Escalate security incidents to incident response teams for investigation / remediation
Support Incident Response investigations for Coretek and Coretek customers
Learn to perform analysis of logs and alerts
Coordinate with appropriate teams to provide incident handling and response support
Learn to use and improve incident response procedures & runbooks
Handle security incident escalation via Cyber Case Management tools, SIEM, ITSM, email, phone, or walk-up
Requirements
MINIMUM QUALIFICATIONS:
Knowledge of incident response, investigation, system forensics, or related cyber security education / self-learning
Familiarity with Windows and Linux operating systems including command line operation
Possess a foundation in networking fundamentals and TCP/IP
Knowledge of common network-based services and common client/server applications
Excellent verbal/written communication, interpersonal and organizational skills
Communicate effectively with varied levels of staff to develop positive working relationships
Excellent problem-solving skills to diagnose technical issues
Manage customer situations professionally to aid in positive customer satisfaction
Ability to learn new technology and concepts quickly
Ability to work on a shift or on-call rotation if needed
PREFERRED QUALIFICATIONS:
Formal education or certifications in incident response, forensics, cyber security case management, IT technology, networking, or related topics
Experience working on a security operations team
Experience reviewing and analyzing log data from various network and security devices
Experience with well-known information security related tools for packet capture, network/OS fingerprinting, and communication
Practical understanding of exploits, vulnerabilities, computer network intrusions, adversary tactics, exfiltration techniques and common knowledge
Experience with enterprise SIEM products
Experience with ITSM, SOAR, or Cyber Case Management Tools
Scripting with Python, Perl, Bash and/or PowerShell a plus
Database structures and queries, Regular Expressions a plus
Experience acquiring and analyzing data from clients and servers related to security incident response
Digital Forensic or Threat Intelligence work
EDUCATION and TRAINING:
Degree in technology, cyber security, criminal justice/forensics, or equivalent work experience
Security related certifications desired