DTICI_CSOC L3 Specialist_T7 II 865 | Codersbrain
Job Description
DTICI_CSOC L3 Specialist_T7
Company Overview
(Information about the company, its industry, and culture is not provided.)
Job Summary
The DTICI_CSOC L3 Specialist_T7 role is critical to enhancing the organization's security posture. This position focuses on advanced threat detection, incident response, and collaboration with security teams to safeguard the organization's digital assets. The specialist will utilize technical tools and methodologies to analyze incidents, mitigate threats, and improve overall security operations.
Responsibilities
- Utilize advanced security tools to detect and analyze complex threats.
- Conduct in-depth technical analyses of security incidents, including providing detailed documentation and timelines.
- Review and analyze user access logs to identify unauthorized or suspicious activities.
- Trace phishing attacks, spoofed messages, and other email-related threats through email log analysis.
- Operate Security Information and Event Management (SIEM) systems and Intrusion Detection/Prevention Systems (IDS/IPS) for effective monitoring.
- Analyze malware behavior using sandbox environments to provide insight into threats.
- Collaborate with L3-Mail-Security and Mail Teams during incidents to address email security issues.
- Refine and tune alerting systems to reduce false positives and enhance detection capabilities.
- Maintain and manage the CSOC's knowledge base, including playbooks and important processes.
- Coordinate incident response efforts, manage escalations, and conduct post-incident analyses to implement improvements.
Qualifications
- Bachelor's or Master's degree in Computer Science, Information Systems, Engineering, Information Security, Cybersecurity, or a related field.
- Proficiency in using SIEM and IDS/IPS tools.
- Strong analytical abilities to work with complex datasets to identify security threats.
- Experience in malware analysis and email security.
- Excellent coordination and communication skills for effective collaboration with internal and external teams.
- Strong documentation skills for incident response processes and reporting.
- Knowledge of incident management processes and continuous improvement practices.
Preferred Skills
- Experience with Security Operations Center (SOC) operations.
- Familiarity with threat intelligence tools and services.
- Knowledge of compliance frameworks and risk management.
Experience
(Specific years of experience and types of relevant experience needed are not provided.)
Environment
(Details about the typical work setting, including location or physical conditions, are not specified.)
Salary
(Estimated salary range is not provided.)
Growth Opportunities
(Information about potential career advancement opportunities within the company is not provided.)
Benefits
(Details about offered benefits such as insurance, paid leave, or work policies are not provided.)