- B2C
- Scale StageRapidly increasing operations
- Valuation $1B+This company has a valuation of $1B or more
SOC Triage Analyst (Tier 2)
- Full Time
Not Available
John Sweeney
About the job
Role Overview
ID.me is seeking a skilled SOC Triage Analyst to join our rapidly growing security team. If you have a passion for cybersecurity and a desire to advance the digital identity ecosystem, this role offers a unique opportunity to contribute to our mission. The SOC Triage Analyst plays a pivotal role in executing processes that allow the organization to detect, analyze, and respond to cyber threats and security incidents. This role involves hands-on management of incident response, threat hunting, and forensic analysis, with a focus on maintaining the security and integrity of our digital environment. The ideal candidate will have a strong technical background, a keen eye for detail, and the ability to adapt to a fast-paced, dynamic environment.
This is an onsite position in our McLean, VA headquarters.
Responsibilities
- Actively participate in incident response, including host and network-based forensic analysis, to support containment, eradication, recovery, and post-incident reviews.
- Detect, analyze, and respond to cyber threats and incidents using tools such as SIEM (e.g., Chronicle, Splunk), IDS/IPS, EDR, and firewalls.
- Proactively search for Indicators of Compromise (IOC) and Advanced Persistent Threat (APT) tactics, techniques, and procedures (TTPs) to identify potential security threats.
- Contribute to the development of threat detection signatures, analytics, and correlation rules to enhance our detection capabilities.
- Assist in projects related to security monitoring and incident response, providing technical expertise and leadership.
- Collaborate with Tier 2 and Tier 3 staff to detect, classify, and report incidents, ensuring alignment with Standard Operating Procedures (SOPs).
- Engage in threat intelligence activities, leveraging knowledge of adversary tactics and techniques to inform threat hunting and detection efforts.
- Maintain availability for 24x7 on-call rotation and ensure timely response to security incidents during standard EST business hours.
Required Qualifications
- 3+ years of experience in information security, with a strong focus on incident response and security monitoring.
- 2+ years of demonstrated experience in handling security incidents and responding to cyber threats.
- Proficient in leveraging SIEM tools (preferably Chronicle, Splunk) and other security technologies for threat detection and incident response.
- Solid understanding of cloud environments, particularly AWS, GCP, and/or Azure, and their associated security challenges.
- Experience with threat detection, threat hunting, and the use of threat intelligence to enhance security operations.
- Familiarity with investigations and forensics in MacOS and Linux environments.
- Strong knowledge of email security, network monitoring, and Data Loss Prevention (DLP) techniques.
Preferred Qualifications
- Industry security certifications, such as GCIA, GCIH, GCFA, Security+, or related credentials.
- Prior experience in combating fraud or supporting anti-fraud initiatives.
- Experience developing and implementing Standard Operating Procedures (SOPs) for security incident detection and response.
Ideal Candidate Will Thrive In Our Culture
- Demonstrates a strong passion for security and a commitment to protecting digital identities.
- Adapts well to changing priorities and can shift gears quickly in a fast-paced environment.
- Exhibits excellent oral and written communication skills, with the ability to effectively convey complex security issues.
- Works well within a team, but is also self-driven and capable of managing tasks independently.
- Shows a continuous desire for learning and professional development, staying updated with the latest trends in cybersecurity.
#LI-JS1
About the company
ID.me
- B2C
- Scale StageRapidly increasing operations
- Valuation $1B+This company has a valuation of $1B or more