Security Operations Center Analyst Resume Samples

The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the security operations center analyst job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits for each job you apply

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

CHOOSE THE BEST TEMPLATE - Choose from 15 Leading Templates. No need to think about design details.

USE PRE-WRITTEN BULLET POINTS - Select from thousands of pre-written bullet points.

SAVE YOUR DOCUMENTS IN PDF FILES - Instantly download in PDF format or share a custom link.

Create a Resume in Minutes

L Hermann

Lance

Hermann

44582 Doyle Brook

San Francisco

+1 (555) 524 1079

44582 Doyle Brook

San Francisco

Phone

p +1 (555) 524 1079

Experience Experience

Chicago, IL

Security Operations Center Analyst

Chicago, IL

McCullough, Graham and Windler

Chicago, IL

Security Operations Center Analyst

3 years in information security risk and compliance management, security project management, security policy management, and other security practices
Assist in the development of new security operations policies as well as the refinement or improvement of existing policies
Create and maintain operational reports for Key Performance Indicators and weekly and Monthly Metrics
Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems. Consolidates and conducts comprehensive analysis of threat data obtained from classified, proprietary, and open source resources to provide indication and warnings of impending attacks against unclassified and classified networks
Analyze network flow data for anomalies and detect malicious network activity
Assist with the development and maintenance of a weekly brief that captures all of the cyber events with metrics and trends
Report common and repeat problems (trend analysis) to management and propose process and technical improvements

Los Angeles, CA

Security Operations Center Analyst Level

Los Angeles, CA

Considine, Lesch and Kertzmann

Los Angeles, CA

Security Operations Center Analyst Level

Assist analyst investigation and ticket creation efforts. Provide daily monitoring and alerting of events that occur within the near real time environment
Manage the SOC mailbox, and monitor and analyze the emails for threats including phishing and malware, and escalates per procedure
Monitor, evaluate, and assist with the maintenance of assigned security systems in accordance with industry best practices to safeguard internal information systems and databases
Stay informed of current events in the security industry including the latest exploits and threats as well as preventative measures, remediation, and restoration techniques
Oversee and ensure P1 and P2 incidents are handled according to operational procedures. Document areas of improvement through after action reports and work with necessary parties to resolve any findings
Identify improvements within processes, procedures, policies, staffing, training, and tools to improve efforts and daily operations
Assist in developing and maturing the future services and capabilities of the SOC, such as Forensics, Threat Management, Penetration Assessments, Tool Management, and more

present

Chicago, IL

Global Security Operations Center Analyst

Chicago, IL

Ward, Hauck and Botsford

present

Chicago, IL

Global Security Operations Center Analyst

present

Briefing senior company managers on emerging world threats and events
Communicating to a wide audience complex ideas and thoughts either through written means or verbally
Assisting the Assistant Director of Security in providing threat assessment and risk analysis
Provide support for various security operations, intelligence/analytics, crisis response and business resilience areas
Work in conjunction with systems technicians and system administrator(s) to test and troubleshoot alarm and access control devices and infrastructure to ensure systems integrity
Monitor all systems for functionality and status and conducts basic troubleshooting and assessment prior to escalating problems to the systems technical staff (whatever process is established)
Coordinates and assists with the direction and staffing of an assigned team of security personnel to carry out the daily protective operations of the department

Education Education

Bachelor’s Degree in Computer Science

Adelphi University

Bachelor’s Degree in Computer Science

Skills Skills

Strong time/project management skills with the ability to operate under deadlines and manage fluctuating workloads
Candidate should have strong communication skills and exhibit a professional demeanor
Ability and willingness to think outside the box to find creative and innovative solutions to reduce costs with a minimal impact on reliability
Very good understanding of the compromises between reliability, efficiency and cost
Candidate should possess the following soft skills: communications, adaptability to change, professionalism, creativity, and drive
Ability to identify critical issues quickly and accurately
Demonstrable knowledge of networking (TCP/IP, topology, and security), operating systems (Windows/UNIX), and web technologies (Internet security)
Knowledgeable about security issues, vulnerabilities, regulatory and legal changes, and security standards that may impact information security
Ability to read system data, including, but not limited to, security and network event logs, web, anti-virus, DLP, syslogs, IPS, and firewall logs
Operational knowledge of Q-Radar SEIM console

Create a Resume in Minutes

15 Security Operations Center Analyst resume templates

Read our complete resume writing guides

O&t-security Operations Center Analyst Resume Examples & Samples

Analyst performs monitoring, research, assessment and analysis on Intrusion Detection and Prevention tools as well as Anomaly Detection systems, Firewalls, Antivirus systems.s, proxy devices (ArcSight, Arbor PeakFlow, SourceFire, Palo Alto Networks, etc.) which requires demonstrable security incident response experience
Perform initial risk assessment on new threats and vulnerabilities, perform assessment phase of Vulnerability & Threat Management process
Intrusion detection and prevention and Network Security Products (IDS/IPS, firewalls, etc) Host Security Products (HIPS, AV, scanners, etc)
Exposure on Vulnerability assessment as well as penetration testing or forensic analysis fields are an advantage. Certifications from EC-Council, GIAC, (ISC)² are preferred [CISSP, C|EH, GCIA, CCNA]

Security Operations Center Analyst Resume Examples & Samples

3+ years of experience with network security
Experience with using event escalation and reporting procedures and supporting network investigations
Knowledge of network monitoring, analysis, troubleshooting, and configuration control technologies
BA or BS degree in Engineering, CS, Information Security, or Information Systems
Experience with Mandiant and FireEye security products

Global Security Operations Center Analyst Resume Examples & Samples

Provide clear and unambiguous communication within Incident Management case tools with frequent and timely updates
Good communication skills and customer centric focus - ability to communicate
Good knowledge of IT Operations, infrastructure services support (Systems NT, UX, Backups, DB’s or Network management), operations monitoring and end user support
Good understanding of ITSM/ITIL processes

Security Operations Center Analyst Resume Examples & Samples

Bachelor's degree in a computer related field
5+ years security experience on SEMS and threat security application
Expert knowledge of Java, or PERL. * Strong understanding of security concepts and technology
Experience working in UNIX environment
Experience with Portal technologies (design, development, best practices)
ITIL certification or strong familiarity with Information Technology Infrastructure Library best practices
Familiar with configuration and change management requirement and process
Ability to effectively organize and prioritize multiple complex tasks

Security Operations Center Analyst Resume Examples & Samples

Analyst performs monitoring, research, assessment and analysis on Intrusion Detection and Prevention tools as well as Anomaly Detection systems, Firewalls, Antivirus systems, proxy devices which requires demonstrable security incident response experience
Create and maintain operational reports for Key Performance Indicators and weekly and Monthly Metrics
4+ years working in the security & operations fields
Experience in web development and programming languages i.e. Java, XML, Perl and HTML
A good understanding of security, web-based and infrastructure vulnerabilities is required

Security Operations Center Analyst Resume Examples & Samples

Strong ability to communicate, excellent written and oral communication skills with ability to speak authoritatively to different audiences
Independent self-starter; strong understanding of security operations concepts; strong understanding of basic computer science applications and database management
Strong leadership and management skills with critical decision making experience
Background in intelligence gathering, analysis and reporting
Joint operations center and counterterrorism experience desired

Security Operations Center Analyst Resume Examples & Samples

Experience within Incident Handling and Crisis Management
Capable of working independently and/or as part of a team
Adaptability: Ability to work effectively in a fast paced environment while consistently producing error free work and meeting deadlines
Accountability: Exhibit and drive a sense of urgency, responsiveness and credibility
Communication: Strong ability to communicate; excellent written and oral communication skills with ability to speak authoritatively to various audiences; ability to present material in a clear and concise manner; excellent interpersonal and analytical skills
Demonstrated effective time management; proactive, analytical thinking and problem solving skills
Detail oriented, organized, and ability to multi-task
Ability to identify innovative solutions with follow up and follow through; Use of discretion in confidential matters
Background in intelligence gathering, analysis and reporting and a strong knowledge and interest in Geo-Political issues and Security affairs
Must have a minimum of 3 years strong understanding of Business Resiliency and Intel gathering
Bachelor Degree, Equivalent Military/Law Enforcement and/or Joint Operations Center/Security Operations Center experience required

Security Operations Center Analyst Resume Examples & Samples

Technical analysis of network activity, monitors and evaluates network flow
Analyze network flow data for anomalies and detect malicious network activity
Analyze cyber threats, vulnerabilities and provide remediation plans
Document, communicate, collaborate and transition incident details to other SOC members
Operational knowledge of Splunk
Experience with writing queries, parsing and correlating data
Technical understanding of PaloAlto UTM, firewall, IDS and Wildfire features data, signature-based IDS events and full packet capture (PCAP) data
Strong understanding of parsing and analyzing web, system and security logs
Must have knowledge of Linux/Unix skills and security specific scripting skills
Demonstrated ability to determine and oversee remediation activities
Understanding of VPN infrastructure, 2FA, RSA Secur-ID
Understand a variety of network protocols including TCP/IP, UDP, DHCP, FTP, SFTP, SNMP, SMTP, SSH, SSL, VPN, RDP, HTTP and HTTPS
Operational knowledge of Q-Radar SEIM console
Knowledge of Tripwire, Fireye, Sourcefire, Forescout, AV, Proxies, Symantec DLP is huge plus
Familiar with YARA, STIX, TAXII, OpenIOC
DLP is huge plus

Cyber Security Operations Center Analyst Resume Examples & Samples

At least 1 year experience in creating formal documentation for systems administration, operations and maintenance
At least 1 year experience in working in a team environment
At least 1 year experience in Security Information and Event Management (SIEM) tools
At least 1 year experience in performing vulnerability management in an enterprise environment
At least 1 year experience in Transmission Control Protocol/Internet Protocol (TCP/IP), ports, protocols and system functions (file Input/Output (I/O), Registry, file permission)
At least 3 years experience in working in a team environment
Certified in Certified Information Systems Security Professional (CISSP)
Security clearance of Secret - Active

Cyber Defense Security Operations Center Analyst Resume Examples & Samples

Monitor security events from multiple sources, analyze the results and escalate, when necessary, to the appropriate group for remediation. The events will originate from, but are not limited to DLP, IDS, IPS, antivirus, firewalls and system security logs
Develop custom content for the SIEM platform. This would include creating, publishing, and communicating the availability of dashboards that will be monitored by the Security Operations Center
Monitor security blogs, articles, reports, as well as other security intelligence sources to keep up-to-date on the latest security threats and trends. Report significant threats to Cyber Defense leadership
College degree in Computer Information Systems, Computer Science or equivalent experience required
Three (3) years of information security experience. Prefer experience working with DLP, IDS/IPS and SIEM technologies and processes
One (1) year of experience working in a Security Operations Center preferred. Prefer experience working with ArcSight
Possession of current CISSP certification preferred. Familiar with and able to apply time-proven, generally-accepted security methods, concepts and techniques
Strong negotiation skills and ability to interact effectively with direct managers and staff in both technical and business roles. Able to defuse situations, work around defensive attitudes, and deal with diverse personalities to achieve assignment objectives
Good understanding of networking (WAN, LAN, wLAN), network domains (Internet, intranet, DMZ), communication techniques/protocols (IP and others), and their combined effects on network and host systems security
Strong negotiation skills and ability to interact effectively with direct managers and staff in both technical and business roles
Able to defuse situations, work around defensive attitudes, and deal with diverse personalities to achieve assignment objectives
Good understanding of networking (WAN, LAN, wLAN), network domains (Internet, Intranet, DMZ), communication techniques/protocols and their combined effects on network and host system security
Understanding of basic firewall and vulnerability scanner architecture, operations and configuration
Ability to maintain awareness of local, national and international trends and developments in the area of security and ability to relate them to the needs of the Deloitte U.S. Firms
Ability to learn and retain new skills, as required, in order to meet the demands of a rapidly changing technical environment
Ability to work non-standard shifts and/or on-call to support the requirements of the organization
Ability to possess and maintain a security clearance issued by the U.S. Government. Possession of active clearance preferred

Tier / Security Operations Center Analyst Resume Examples & Samples

Ability to travel and work rotational shift work based on client needs
BA or BS degree or 4+ years of experience in IT Security in lieu of a degree
Experience with working in a 24/7 SOC environment
Experience with managing cases with enterprise SIEM and logging systems
Knowledge of Cyber threat capabilities and technical capabilities to defend networks and systems
Knowledge of network operating systems, SLAs, and service expertise
Ability to inform or brief senior officials, when appropriate
Possession of excellent oral and written communication skills to clearly and concisely document Cybersecurity incident details and escalate appropriately, when required

Security Operations Center Analyst, Mid Resume Examples & Samples

Experience with Cybersecurity tools, including ArcSight, ACAS, SIEM tools, or forensics tools and methodologies
Experience with network ports and protocols
Experience with log review and analysis
Knowledge of current and emerging security technologies
CCNA or Network+ Certification
Computing Environment Certificates, including McAfee, Blue Coat, RedHat, or Cisco

Security Operations Center Analyst, Junior Resume Examples & Samples

3 years of experience with incident handling, forensics, sensor alert tracking, or Cybersecurity case management
IA Baseline Certification with one of the following: GCIH, CSIH, CEH, or GCFA
Ability to correlate disparate datasets to identify abnormal behavior
Possession of excellent analytics and collaboration skills

Jnr Cyber Security Operations Center Analyst Resume Examples & Samples

At least 1 year experience in a Security Operations Center
At least 3 years experience in creating formal documentation for systems administration, operations and maintenance
At least 1 year experience in security policy development
At least 1 year experience in security and network incident response procedures
At least 1 year experience in performing application and/or database scanning within an enterprise environment

Senior Security Operations Center Analyst Resume Examples & Samples

Monitor and respond to security events escalated by Level 1 security analysts and respond appropriately to protect Realogy information and assets
Utilize endpoint products such as Carbon Black to identify malicious activity on the network
Review daily and weekly reports generated by Level 1 security analysts for actionable tasks for the SOC team
Collaborate with the Cyber Threat Intel Analyst (CTIA) to ensure appropriate security incident management and threat response processes are followed
Provide technical expertise of security tool deployment and implementation supporting the SOC
Analyze SOC functions and recommend upgrades/changes to ensure the security of the Company
Continuously assess current state of security monitoring and recommend changes for improvement
Proactively conduct research of Realogy network traffic and system activity looking for security anomalies and suspicious activities
Perform Advanced Persistent Threat correlation between multiple security event sources such as firewall logs, threat intelligence feeds, AV, IDS, IPS, and Carbon Black Enterprise Response
Responsible for tuning and implementing configuration changes related to IDS/IPS, endpoint security, SIEM, and other tools as necessary
Responsible for in-depth reviews of log files and using this information to identify security events
Provide mentoring to other members of the Security Operations Center team
Bachelor’s degree in technical engineering or IT related field and 5+ years of experience in a large scale, complex, high performance network
4+ years of experience working with a Security Incident & Event Management (SIEM) to correlate events across several devices
Strong understanding of network devices such as Intrusion Detection Systems (IDS)/ Intrusion Prevent Systems (IPS), firewalls, network packet capture tools, and file integrity monitoring tools
Expert level knowledge in incident prevention, detection and response tools such as Carbon Black
Extensive knowledge of network and server security products, technologies, and protocols
Requires background in at least 2 of the following domains: hacking and incident response; network forensics; security engineering, networking protocols and data center; security analysis and investigations
Security certifications (CISSP, CISM, GIAC certs) preferred
Strong problem-solving skills, critical thinking, excellent analytical ability, strong judgment and the ability to deliver high performance and high levels of customer satisfaction in a matrix managed environment

Security Operations Center Analyst Resume Examples & Samples

Monitor alert queues on DLP and other security monitoring systems
Collect and organize alert, event and triage data to produce reports to illustrate workload performance and the quality of existing policies/processes
For follow-on SOC support
Degree in related field preferred

Tier, Security Operations Center Analyst Resume Examples & Samples

1+ years of experience with Cybersecurity
Experience with using event escalation, reporting procedures, and supporting network investigations
Ability to pay strict attention to detail, display logic and a solution orientation, and learn and adapt quickly
BA or BS degree or 4+ years of experience with IT Security in lieu of a degree
Security+, CEH, GCIA, GCIH, or CISSP Certification
2 years of experience with applied incident response support
Experience with working in a 24/7 SOC environment and supporting commercial or government clients
Experience in managing cases with enterprise SIEM and logging systems
Experience with conducting forensic media analysis and log file analysis
Ability to inform or brief senior officials, as appropriate
Possession of excellent analytical, initiative, and critical thinking skills

Tier Security Operations Center Analyst Resume Examples & Samples

Experience with supporting network investigations and using event escalation and reporting procedures
Knowledge of TCP/IP communications and how common protocols and applications work at the network level, including DNS, HTTP, and SMB
Ability to demonstrate analytical expertise, strict attention to detail, excellent critical thinking, logic, and solution orientation and to learn and adapt quickly
BA or BS degree or 4+ years of experience with IT security in lieu of a degree
Experience with working in a 24/7 SOC environment in support of commercial or government clients
Experience with common incident response tools and technologies
Knowledge of how to use Cyber threat capabilities and technical capabilities to defend networks and systems
Knowledge of network operating systems, SLAs, and services
Ability to be comfortable with informing or briefing senior officials, as appropriate

Cyber Security Operations Center Analyst Resume Examples & Samples

Identify current and future threat and recommend remedial actions
Work as part of a 24/7/365 team delivering real time proactive monitoring and maintenance of supported security tools and associated rules and signatures. Tools include but are not limited to, SIEM, NIDS/NIPS, HIDS/HIPS, Endpoint protection suites, DLP
Maintain and grow the value of current and future partner relationships
Carry out Triage on Security events, raise incidents and support the Incident Management process
Create and maintain SIEM correlation rules, signature creation for supported NIDS/NIPS, HIDS/ HIPS and Endpoint Protection products
SCADA /ICS environments
Demonstrate in depth knowledge of desktop and server operating systems and associated log analysis
Demonstrate in depth knowledge of network packet analysis Experience of Security Incident Management processes
Demonstrate ability to formulate formal processes and procedures to support SOC operations
Experience of developing SIEM correlation rules and snort signatures
GIAC/CEH
Demonstrate excellent written and verbal communication skills

Security Operations Center Analyst Resume Examples & Samples

Minimum 4+ years applicable work experience
Conversant with security concepts and techniques
Ability to read and understand system data, including, but not limited to, security event logs, system logs, and firewall logs
An ability to work weekends, holidays, or alternate non-traditional schedules and shifts
Ability to obtain a U.S. Government Security Clearance

IT Security Operations Center Analyst Resume Examples & Samples

Experience configuring and fine tuning SEIM systems (ArchSight preferred)
Traditional network monitoring experience (packet/protocol analysis)
Hands-on administrative experience with major operating systems
Experience conducting Data Leak Prevention operations
Experience interfacing with external customers
Security + CE Certification

Security Operations Center Analyst Resume Examples & Samples

Provide resolution plans for system and network issues
Internet connectivity and protocols (TCP/IP)
Enterprise Security Information Management systems

Security Operations Center Analyst Resume Examples & Samples

Leverage a wide array of tools, systems and telemetry feeds to monitor Blizzard networks for potential security risks or anomalies
Monitor security infrastructure system health states and coordinate with responsible teams for troubleshooting and resolution
Provide feedback on potential enhancements to SOC tools and systems with the goal of ever increasing efficiency
Embrace and apply automation to simplify routine tasks
Provide guidance and clarification regarding organizational security policies and protocols, helping evangelize security awareness throughout all internal customer interactions
Abide by and enhance runbooks and documentation associated with SOC actions; develop new material as required

Security Operations Center Analyst Resume Examples & Samples

1+ years of experience as an information security analyst or engineer
Knowledge of log management and SIEM tools usage and architecture
Ability to explain current information security threats, including DDoS, botnets, malware, Advanced Persistent Threats (APT), buffer overflows, SQL injection, and phishing
Ability to develop use cases for detecting malicious and suspicious activity
Ability to travel up to 75% of the time
BA or BS degree in CS, IT, EE, Applied Mathematics, Computer Engineering, or a related field

Tier, Security Operations Center Analyst Resume Examples & Samples

Perform post-incident report according to standard operations as well as activities such as identifying what was done right and wrong, identifying tools that may have helped the investigation and those that hindered it. Discuss with the responsible parties on what could have been done better
Is responsible for designing or participating in the implementation of the technical solution/processes in compliance with the security standards and operational feasibility
Assist in developing and maturing the future services and capabilities of the SOC, such as Forensics, Threat Management, Penetration Assessments, Tool Management, and more
Ensure that all procedures and operations are carried out by the responsible parties
Perform incident triage to include determining scope, urgency, and potential impact
Assist Analysts in monitoring network traffic and security alerts for potential events/incidents as well as trending and historical analysis and ensuring all incident reports are complete and written within standard operations, ensure ticket audits and reviews are completed
Provides support to security operational teams on escalated incidents including troubleshooting, analysis and resolution, Act as a security representative for SDMs for high priority incidents
Act as an escalation point for event analysis and incident handling, Required to control and manage Critical incidents to ensure all standard operations are taking place
Ensure event analysis and incident reports are documented and quality control is applied to ensure accuracy
Provides the training, time, guidance, direction, and administrative action to ensure that team responsibilities are completed at the best quality level possible
Serve as work area experts for security/information assurance policy recommendations
Gather intelligence from sources outside the SOC (both internal and external sources) and leverage for operations
Experience and extensive knowledge of a SIEM and event analysis and information gathering
Experience in leading Security Incident Handling procedures using SANS methodology
Experience with the TCP/IP stack, DNS, BGP and metadata
Malware Engineering

Tier, Security Operations Center Analyst Resume Examples & Samples

Perform Tier I initial incident triage
Assist in creation of a final incident report detailing the events of the incident
Position may require occasional nights or weekends and/or the ability to be on call
1 to 3 years of experience in information security event monitoring and detection, incident response or IT security administration
Familiarity with network security methodologies, tactics, techniques and procedures
Ability to understand IDS signatures
Experience performing security/vulnerability reviews of network environments
Possess a comprehensive understanding of the TCP/IP protocol, security architecture, network and remote access security techniques/products
Operational research background, utilizing an analytical approach
Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with customers
Highly motivated individual with the ability to self-start, prioritize, multi-task and work in a team setting
Direct experience with Malware and Fusion analysis techniques and methodologies

Security Operations Center Analyst Resume Examples & Samples

Detection, monitoring, analysis, resolution of security incidents, participate in providing containment recommendation
Perform network/system/application/log intrusion detection analysis and trending
Participate in the security incident handling efforts in response to a detected incident, and coordinate with other stakeholders (CGI towers or client staff)
Maintain standard operating procedures, processes and guidelines
Participate in client audits
Experience working in an IT Security Operations Centre, using SANS methodology
Knowledge of: TCP/IP, computer networking, routing and switching
Experience in Linux/UNIX and Windows based devices at the System Administrator level
Ability to speak and write fluently
Shift rotation including 3rd shift will be required for this role
Graduation with a degree from a recognized university with specialization in Computer Sciences or a related discipline, combined with a minimum of three (3) years of directly related practical experience and demonstrated ability to carry out the functions of the job

Security Operations Center Analyst Level Resume Examples & Samples

Define, gather and report on metrics regarding all security systems within the property environment
Manage the SOC mailbox, and monitor and analyze the emails for threats including phishing and malware, and escalates per procedure
Participate in the Investigation of security violations and breaches - may prepare reports on intrusions as needed
Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used to support cyber security operations
Provide reoccurring reports for network and host-based security solutions
21+ years of age
Associate’s degree in Information Systems or equivalent in relevant discipline preferred
Minimum of three years hands on experience configuring and working with Information Technology Systems is preferred
Excellent problem solving skills, ability to triage and resolve critical technical issues
Current, relative industry certifications preferred
Must be able to work collaboratively with the global team
Experience configuring and installing information security applications
Hands-on experience with security applications is preferred
Fundamental understanding of encryption technologies
Understanding of common network traffic, i.e., Transmission Control Protocol/Internet Protocol (TCP/IP), Internet traffic, and mail
Working knowledge of one of the following platforms is preferred: IBM iSeries, Linux, and MS Windows
Ability to assess network activity and system configuration for anomalous activity to determine system security status
Knowledge and understanding of network protocols, network devices, multiple operating systems
Technical knowledge of mainstream operating systems and a wide range of security technologies, such as network security appliances, anti-malware solutions, automated policy compliance tools, and desktop security tools is preferred
Fundamental knowledge of network traffic alerts to assess, prioritize and differentiate between potential intrusion attempts and false alarms
Knowledge and understanding of current cyber threats

Security Operations Center Analyst Resume Examples & Samples

Bachelor’s degree in Computer Science, Computer Engineering, Information Technology, Cybersecurity, or a minimum of five (5) year of work experience in a related field
Two (2) years of experience in incident detection and response, system administration, database administration, network engineering, or software development
Experience working in a SOC or helping to implement a SOC in an enterprise environment is a plus
Candidate should have strong communication skills and exhibit a professional demeanor
Ability and willingness to think outside the box to find creative and innovative solutions to reduce costs with a minimal impact on reliability
Exhibit the ability to work in a fast-paced and hectic work environment, ability to prioritize tasks effectively; and an ability to work seamlessly across organizational boundaries
Strong planning/time management skills
Very good understanding of the compromises between reliability, efficiency and cost
Candidate should possess an expert Knowledge in the following technical skills: Incident Response, Log Analysis, TCP/IP, Network Traffic Analysis, Antivirus/Malware, Intrusion Detection/Prevention, Security Incident and Event Management Systems (SIEM), Packet Analysis Techniques, Event Correlation, and Incident Triage
Candidate should possess the following soft skills: communications, adaptability to change, professionalism, creativity, and drive

Security Operations Center Analyst Resume Examples & Samples

Actively seeks to uncover indicators of compromise for which monitoring capabilities do not yet exist by reading and interpreting logs and packet traces
Intermediate to advanced understanding of network protocols and operating systems is required
Collects and aggregates information from a wide variety of sources and formats them for relevance to our environment
Creates hypotheses for analytics and testing of threat data and tests methodically to prove or disprove the hypothesis
Shares lessons learned, initial indicators of detection, and opportunities for strengthening detection capabilities
Performs analysis of compensating controls and validates efficacy of existing controls
7+ years of combined IT Security experience with a focus on Cyber Hunting & Threat Intelligence
Security Certifications Preferred (ISSEP, GCIA, GCIH, & GPEN)
Network and Platform Certifications Preferred
Understanding of network protocols and their analysis
Experienced with Windows & Linux operating systems
Experienced with event analysis leveraging SIEM tools
Knowledge of malware operators and indicators
Knowledge of current threat landscape (threat actors, APT, cyber-crime, etc..)
Knowledge of Firewall and Proxy technology
Knowledge of penetration techniques

Cyber Security Operations Center Analyst Resume Examples & Samples

Perform network traffic analysis
Applies technical principles, theories, and concepts to complete assignments of limited scope
Provide recommendation for containment measures in industry automation environments together and with guidance of the senior level member of the team
Performs standard work described above and consults other, more senior members of the team to work through more complex, less clearly-defined issues
Review threat data from various sources and develops custom signatures for Open Source Intrusion Detection Systems (IDS) or other custom detection capabilities
Demonstrates a basic grasp of knowledge and principles in field of specialization
Firewalls, Proxies, VPN, covert tunneling, Layer 3 switching, intrusion detection systems and data reconstruction
Windows File System structure, and ability to recover deleted files, search hidden files, access the ADS and analyze disk slack space
UNIX/LINUX system administration, configuration, troubleshooting, scripting skills
Understanding of complex Network Infrastructures
Ability to analyze the Windows registry
Network signature analysis with tools such as SNORT, NetFLOW, WireShark, tcpdump or related tools
Central log collection, indexes, searching and analysis
Interpret logs in the context of security events/intrusions and make accurate conclusions
General understanding of production plant and automation environments

Cyber Security Operations Center Analyst Resume Examples & Samples

Understanding of Firewalls, Proxies, VPN, covert tunneling, Layer 3 switching, intrusion detection systems and data reconstruction
Understanding of the Windows File System structure, and ability to recover deleted files, search hidden files, access the ADS and analyze disk slack space
Experience with network signature analysis with tools such as SNORT, NetFLOW, WireShark, tcpdump or related tools
Experience with central log collection, indexes, searching and analysis
Ability to interpret logs in the context of security events/intrusions and make accurate conclusions
Comprehensive understanding of production plant and automation environments

Security Operations Center Analyst Resume Examples & Samples

Moderate to Advanced event analysis leveraging SIEM tools (ArcSight preferred)
Moderate incident investigation and response skill set
Moderate log parsing and analysis skill set
Moderate knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP, etc.)
Moderate knowledge of malware operation and indicators
Moderate knowledge of current threat landscape (threat actors, APT, cyber-crime, etc.)
Moderate knowledge or IDS/IPS systems
Moderate knowledge of Windows and Unix or Linux
Moderate knowledge of Firewall and Proxy technology
Basic to Moderate knowledge of penetration techniques
Basic to Moderate knowledge of DDoS mitigation techniques
Basic knowledge of Data Loss Prevention monitoring
Basic experience with scripting
Basic knowledge of forensic techniques
Basic to Moderate protocol analysis experience (Wireshark, Gigastor, Netwitness, etc.)
Basic knowledge of audit requirements (PCI, HIPPA, SOX, etc.)
Experienced in mentoring and training junior analysts
Security Certifications Preferred (Including but not limited to the following certifications)
Certified Intrusion Analyst (GIAC)
Certified Ethical hacker (CEH)
Certified Expert penetration tester (CEPT)
Networking Certifications (CCNA, etc.)
Platform Certifications (Microsoft, Linux, Solaris, etc.)

Security Operations Center Analyst Resume Examples & Samples

Perform system and network analysis of suspected or potential security incidents
Audit and report all F-35 Program IT systems and subsystems
Use DoD provided and required tool suites and other approved tools/methods to perform vulnerability assessments to support C&A compliance and security controls
Provide evidentiary requirements such as executing forensics technical and gathering results on any computing assets such as mobile devices to support any investigation, inquiry, or litigation
Assist in the process of systems certification as directed by the F-35 CIO
Evaluate target systems to analyze results of scans, identify resolutions, develop POA&M, make recommendations, and continuously monitor requirements
Continuous Control Monitoring including Baseline Security (REMEDY)
Be able to work in fast paced environment with occasional on-call activities

Security Operations Center Analyst Resume Examples & Samples

Assist in the Auditing of computer systems to ensure that they are operating securely and that data is protected from both internal and external attack
Assists in the Conducting of security assessments to ensure adherence to customer specific security policy, procedures and industry standards
Investigates security violations and breaches; prepares reports on intrusions as necessary
Three Must Have Skills

Security Operations Center Analyst Resume Examples & Samples

Follow pre-defined actions to handle BAU and High severity issues including escalating to other support groups.. Execute daily ad hoc tasks or lead small projects as needed
Perform initial risk assessment on new threats and vulnerabilities, perform assessment phase of Vulnerability and Threat Management process
Participate in daily and ad-hoc conference calls as well as compliance and controls, self-assessment processes and documentation related tasks
Ability to read and understand packet level data. Intrusion detection and prevention and Network Security Products (IDS/IPS, firewalls, etc.) Host Security Products (HIPS, AV, scanners, etc.)

Senior IT Security Operations Center Analyst Resume Examples & Samples

Monitor incoming event queues for potential security incidents; Identify and act on anomalous network activity
Perform hunting for malicious network activity
Perform initial investigation and triage for potential security incidents
Provide accurate & priority driven analysis on cyber activity/threats
Perform payload analysis of packets
Detonate malware to assist with threat research
Resolve or coordinate the resolution (escalate) of cyber security events
Monitor external event sources for security intelligence and actionable incidents
Maintain shift logs with relevant activity
Participate in root cause analysis or lessons learned sessions
Write technical articles for knowledge sharing

Security Operations Center Analyst Resume Examples & Samples

Performs detailed examination and analysis of Phishing sites and other fraud types (Vishing, 419 Scams, Pharming)
Performs analysis of malware binaries and communication points
Gathers and reports data, working to meet or exceed client’s Service Level Agreement (SLA)
Communicates with clients and internal departments to support findings
Communicates with ISPs and Registrars globally to mitigate fraud attacks

IT Security Operations Center Analyst Resume Examples & Samples

Performing inbound security event analysis in an industry leading SIEM in a shift environment
Identifying and creating incidents and validate remediation with end system users to track resolution in incident management tracking system
Performing review and validation of daily compliance reports to track business as usual and out of policy activities
Working alongside senior security engineers and architects to deliver superior security services to CVS Health business units

AWS Security Operations Center Analyst Resume Examples & Samples

Continuously monitor and assess the integrity of AWS physical security systems
Configuration of security devices and data center access management
Identify, analyze, and author risk reports pertaining to compliance standards
Conduct security and risk analysis
Provide risk mitigation for AWS physical security and weekly status updates to Operational Managers
Manage a high volume workload and conduct basic prioritization
High-level customer service skills as demonstrated by way of previous work history
Familiarity of MS Office Suite to include Word, PowerPoint, Excel, Outlook, and other MS programs to include SharePoint, etc
Excellent communications skills, including a mastery of the English language both written and spoken
Experience in an IT/Operations/Call/Command Center type environment (2yrs Desirable)
US Citizen (required for Seattle based positions)
Experience with incident management and adhering to Service Level Agreements (SLA)
Experience performance based metrics and risk analysis

Security Operations Center Analyst Resume Examples & Samples

Notify, assist and direct external emergency personnel and internal Emergency Response Team as necessary
Support the world wide badging function as requested
Ensure the Shift Supervisor, SOC Program Manager and appropriate security management is apprised of all significant and unusual events in real-time, and documentation is maintained
Generate briefing reports of emerging situations based on information received
Must possess a minimum of one (1) year professional security experience in a corporate environment
Demonstrated ability to operate radio, telephone equipment and/or console monitors
Proficient computer, keyboard and typing skills

Global Security Operations Center Analyst Resume Examples & Samples

Monitor all systems for functionality and status and conducts basic troubleshooting and assessment prior to escalating problems to the systems technical staff (whatever process is established)
Work in conjunction with systems technicians and system administrator(s) to test and troubleshoot alarm and access control devices and infrastructure to ensure systems integrity
Coordinates and assists with the direction and staffing of an assigned team of security personnel to carry out the daily protective operations of the department
Monitor email inboxes, work order service requests and all communications devices; prioritizes and processes incoming information according to procedure
Assume supervisory and team oversight responsibilities in the absence of the Shift Security Supervisor
Investigate incidents and creates accurate and timely incident reports, escalating to the appropriate persons as necessary
Perform audits of all operational equipment and software to ensure proper functionality
Perform other tasks and duties of a similar nature and scope as assigned
One (1) year professional security experience in a corporate environment
Intelligence Analyst (San Jose, CA)

Global Security Operations Center Analyst Resume Examples & Samples

Gathers information from multiple open source intelligence sites using a variety of web based tools to form risk assessments
Communicating to a wide audience complex ideas and thoughts either through written means or verbally
Global monitoring of NOV’s assets
Assisting the Assistant Director of Security in providing threat assessment and risk analysis
Provide support for various security operations, intelligence/analytics, crisis response and business resilience areas
Provide back-up operator support and on-call function as-needed
Shift work will be required. Candidates must be able to work a flexible schedule on a variety of shifts
Bachelor’s degree required (Political Science, International Relations, Global/International Studies, or History)
Minimum 4 years of experience in doing intelligence analysis for the military, federal government, or corporation. Candidates must demonstrate knowledge and experience in this requirement. Education in lieu of experience will also be considered on a case by case basis
Strong computer skills are necessary. Must present a proven ability using a variety of database management tools, software, hardware, security access, and alarm monitoring software and/or business intelligence applications. Presenting a capability of IDV’s VCC, ArcGIS, Esri, or other GIS tools are a plus
Must have effective time management, communication, technical writing, presentation development, facilitation, and organizational skills
Must be able to effectively communicate to all levels of management
Must have demonstrated analytical and problem solving skills
Must be a self-starter who takes initiative to accomplish the task on hand
A dependable team player with business maturity, enthusiasm and a positive attitude

Security Operations Center Analyst Resume Examples & Samples

Typically has 1 or more years of consulting and/or industry experience
Ability to work independently under general guidance
Experience working in teams and in a team environment that is process-oriented and deadline-driven
Relevant software or application skills to complete job successfully
Problem solving and troubleshooting skills with the ability to exercise mature judgment

Global Security Operations Center Analyst Resume Examples & Samples

Social Media Monitoring – Threats Against Client Interest (Property, Personnel and Operations)
Current Event Monitoring – Open Source Media and Vendor Alerts (NC4/ISOS)
Incident Tracking – Track Identified Threatening Incidents
Travel Tracking – Employee Travel Outreach
Country Risk Assessments and Recommendations – Security/Medical Guides
Investigate incidents/briefings, and create accurate and timely incident reports, escalating to the appropriate persons as necessary
Minimum of 2 years of academic or professional experience in research, analysis and development of intelligence products/reports

Prinicipal Security Operations Center Analyst Resume Examples & Samples

Conduct in- depth, thorough analysis of network traffic and host activity across a wide array of technologies and platforms
Conduct “after action” reviews to identify lessons learned and best practices
Foster innovation, creativity, collaboration, and professional growth of the SOC team
Ensure the SOC analyst team is providing excellent customer service and support
3+ years of SOC or MSSP experience with at least 1 year in an in-depth technical role
3+ years of SIEM experience – with knowledge of content creation (rules, alerts, etc.)

Security Operations Center Analyst Resume Examples & Samples

3+ years of experience as part of a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC), or Security Operations Center (SOC)
BA or BS degree or 4+ years of experience with equivalent Cyber work
CompTIA Net+, CompTIA A+, CompTIA Security+, GIAC Certified Incident Handler (GCIH), or EC-Council Certified Incident Handler (ECIH) Certification

Security Operations Center Analyst Resume Examples & Samples

3+ years of experience on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC), or a Security Operations Center (SOC)
BA or BS degree or 4 years of experience in Cyber–related work
One or more of the following certifications: CompTIA Security+, Certified Penetration Testing Engineer (CPTE) or Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH) or EC–Council Certified Incident Handler (ECIH), or Certified Information Systems Auditor (CISA)

Security Operations Center Analyst Resume Examples & Samples

Responsible for the analysis and triage of network anomalies that should be considered Events of Interest (EOI). Will provide basic assessment of the anomaly; designate it as an EOI and coordinate response with CND response team
Responsible for escalating EOIs to Responders in a timely manner; with all required information to ensure the response team may act upon it accordingly
Must have a good understanding of networks at a packet level. Must be able to analyze packet captures at the expert level
Must have experience using CND tools to detect network attack; these tools are

Security Operations Center Analyst Resume Examples & Samples

Responsible for working in a 24x7 Security Operation Center (SOC) environment in shifts
Provide analysis and trending of security log data from several security devices
Provide Incident Response (IR) support when analysis confirms an actionable incident
Provide threat and vulnerability analysis services
Analyze and respond to unkown or previously undisclosed software and hardware vulnerabilities

Global Security Operations Center Analyst Resume Examples & Samples

Strong analytical skills and ability to successfully manage multiple priorities
Proficient in all Microsoft Programs with an understanding of SharePoint and ability to create excel pivot tables
Advanced skills and experience in collecting and analyzing large quantities of data to produce assessments, publications and reports
Strong written and verbal communication skills with technical report writing
Proficient in geographic information systems, programming, plotting and legends preferred
Proficient in open source research
Understanding of social media monitoring
In depth knowledge of current global geo/political patterns
Analytical and problem-solving skills with ability to produce trend and pattern analysis
Ability to multi-task in a fast-paced and demanding work environment
Comfortable with high-tech work environment, and constant learning of new tools and innovations
Ability to effectively communicate with all levels of management

Security Operations Center Analyst Level Resume Examples & Samples

Understand and maintain the appropriate knowledge of tools, security procedures, and services within the SOC, as well as ensuring all tools are functioning properly
Confirm the proper development, implementation, and understanding of new policies, programs, tools, and procedures for all SOC incident handling operations, activities, and training requirements and suggestions
Ensure security incidents are completed and documented appropriately
Oversee and ensure P1 and P2 incidents are handled according to operational procedures. Document areas of improvement through after action reports and work with necessary parties to resolve any findings
Establish and optimize the use of security and compliance monitoring processes, procedures and tools to improve efforts and daily operations
Evaluate new or improved technologies on a regular basis and provide recommendations to the Team Lead for future consideration of SOC usage
Keep current with emerging security threats and risks. Ensure prevention and detection techniques are identified
Provide post-incident reporting according to standard operations to include identifying positive and negative aspects, identifying tools that may have helped/hindered the investigation and discuss with the all responsible parties
Provide technical support on the security infrastructure in accordance with SLAs
Responsible for designing or participating in the implementation of technical solutions/processes in compliance with the Global Information System security standards and operational feasibility
Oversee and review incident handling and customer deliverables
Provide guidance and support to all SOC personnel and ensure that each individual has a clear understanding of SOC policies and procedures as well as their individual responsibilities
Evaluate time and activities analysts are focusing on, prioritize areas for enhancement, and inform upper management where additional staff or technology could have the biggest impact and improve effectiveness
Assist Analysts in monitoring network traffic and security alerts for potential events/incidents as well as trending and historical analysis and complete ticket audits and reviews
Mentor and guide personnel growth into roles which align with the needs of the SOC. Properly escalate team member requests. If a solution cannot be provided, try to suggest or obtain other options
Ensure incident knowledge sharing is handled according to procedures (sister SOC and US-CERT reporting)
Provide support to security operational teams on escalated incidents including troubleshooting, analysis and resolution. Act as a security representative for Service/Content Delivery Managers for high priority incidents
Provide oversight on incident handling to ensure all mitigation techniques are being achieved
Ensure the transfer of knowledge between analyst shifts and leadership to provide an understanding of all updates, assignments, training, and SOC procedures
Act as an escalation point for event analysis and incident handling required to control and manage P1 and P2 incidents to ensure all standard operations are taking place
Assist in maintaining appropriate staff scheduling to ensure that each shift has the right amount of personnel and skillsets
Provide analysts with consistent up-to-date documentation for clients and procedures in an easy-to-access and organized central location
Ensure weekly reports are completed and provided to leadership
Ensure US-CERT is properly notified of CAT-1 and CAT-2 incidents in accordance with FedRAMP guidelines
Ensure escalation procedures are followed and proper POCs are notified according to normal operations
Participate in the defining of implementation strategy
Certify that proper documentation and structure is in place to prioritize and escalate issues in order to be proactive rather than reactive
Provides the time, guidance, direction, and administrative action to ensure that team responsibilities are completed at the best quality level possible
Ensure team members’ proficiency and conduct are properly documented for higher management and leadership
Act as the escalation point for client requests for information and as a presence on conference calls where SOC representation is necessary
Thirst for knowledge, inquisitive nature, keen interest in being a driver of the SOC expansion
Experience working in an IT Security Operations Center using SANS methodology
Demonstrated experience leading a team of technical professionals
Experience and extensive knowledge of Security Information Event Management
Team player, excellent communication skills, good time management
Organizational skills and the ability to work autonomously with attention to processes
Ability to speak and communicate effectively with peers, management and clients
Security certifications: SANS/GIAC (GCIH, GCIA or GCUX)
Security +, Network +, CISSP, CEH, GCIA, GCIH, CISM, SPLUNK Training
Knowledge of NIST, PCI, HIPAA

Security Operations Center Analyst Level Resume Examples & Samples

Understand and maintain the appropriate knowledge of tools, security procedures, and services within the SOC
Ensure the proper direction, implementation, and understanding of new policies, programs, tools, and procedures are available within the team
Ensure the proper documentation and structure is in place to prioritize and escalate issues in order to be proactive rather than reactive
Ensure that event analysis and incident reports are documented and quality control is applied to ensure accuracy
Identify improvements within processes, procedures, policies, staffing, training, and tools to improve efforts and daily operations
Responsible for shift activity and daily operations in terms of making sure that the daily shift responsibilities are completed
Understand SOC objectives, direction, and procedures
Maintain the ability to complete all SOC daily operations and procedures, and ensure the proper escalation and leadership knowledge is provided
Ensure the proper documentation of tickets, shift documentation, correspondence, and escalations
Ensure events are handled at detection time according to established procedures
Demonstrate excellent communication and client care skills by documenting all activities within our client delivery systems and communicating with client representatives in a timely manner
Stay informed of current events in the security industry including the latest exploits and threats as well as preventative measures, remediation, and restoration techniques
Ensure that proper pass down is given in terms of the accuracy of the information and the events that took place during shift
Act as the escalation point for client requests for information and presence on conference calls where SOC representation is necessary
Mentor team members to improve quality and consistency of security information analysis of network traffic
Assist analyst investigation and ticket creation efforts. Provide daily monitoring and alerting of events that occur within the near real time environment
Ensure the proper mitigations and vulnerability management are recommended and escalated to management

Security Operations Center Analyst Level Resume Examples & Samples

Monitor network traffic and security alerts for potential events/incidents
Conduct initial triage, declare events/incidents, create incident cases, gather evidence, track and update incident status, and identify additional action items
1 to 3 Years of experience
Organizational skills and the ability to work autonomously with attention to details
Graduation with a degree from a recognized university with specialization in Computer Sciences or a related discipline, combined with a minimum of one to three( 1-3) years of directly related practical experience and demonstrated ability to carry out the functions of the job

AWS Security Operations Center Analyst Resume Examples & Samples

Multitasking skills including the ability to answer multiple phone lines, prioritization of e-mail, instant message, and ticket related communication, and communicate clearly within a command center environment
Ability to work any shift within the 24/7 operation, including holidays and weekends and sit for prolonged periods without getting distracted
Experience with access control systems (ex: Lenel, Multi-Max, C-Cure, Honeywell, etc.)
US Citizen (required)
Bachelors, Associate degree or some college course work or certifications in related field (IT, Communications, Political Science, etc.) strongly preferred
Experience in an Security/IT/Operations/Call/Command Center type environment
Experience troubleshooting, programming, testing or installation access control devices
Certification in access control or alarm monitoring suite
Experience maintaining metrics and SLA’S

Security Operations Center Analyst Resume Examples & Samples

Provide accurate & priority driven analysis to detect, analyze, respond to and track security threats and vulnerabilities
Utilize information security tools to gather information needed to investigate an events of interest
Coordinate with business units, operations, and technology teams for incident response, remediation, and improvement
Keep accurate and concise records for all cases
Create and maintain documentation, processes, procedures, and reports
Contribute to the continuous improvement and growth of the SOC and Information Security
Continue to develop technical skills to expand knowledge and understanding of key Information Security controls

Security Operations Center Analyst Resume Examples & Samples

A Travel Commerce Platform through which it facilitates travel commerce by connecting the world’s leading travel providers with online and offline travel buyers in a proprietary business-to-business (B2B) travel marketplace. Travelport has a leadership position in airline merchandising, hotel content and rate distribution, mobile travel commerce and a pioneering B2B payment solution that addresses the needs of travel intermediaries to efficiently and securely settle travel transactions
Technology Services through which it provides critical IT services to airlines, such as shopping, ticketing, departure control and other solutions, enabling them to focus on their core business competencies and reduce costs
Monitoring and analyzing network traffic, Intrusion Detection Systems (IDS), security events and logs, cloud security, anti-virus reports, threat management feeds, etc
Creating and tracking security investigations to resolution through Security Governance Risk and Compliance platform (GRC)
Working experience with a Security Information and Event Management (SIEM) solution
Lead activities to tune and optimize all Security tools used in the Travelport environment (IAM, WAF, IDS, Vulnerability Management, DLP, SIEM, Anti-Virus, IDM, etc)
Leads, analyzes, and assesses security incidents that occur to Travelport assets and escalates incidents by following incident plan
Performs risk and security assessments of applications, databases, and servers and supports networking technologies
Assists Security Engineering team in performing application scanning to ensure that code releases are secure
Support engineering team on initiatives to perform penetration testing on network and applications using ethical hacking techniques in order to determine network and application vulnerability
Performs reviews and assessments of security controls before hardware/software is migrated to production
Minimum of 1-3 years experience in a security operations center role
Minimum of 1-3 years experience as a System Administrator (Unix/Windows) and Network Administrator
Experience analyzing IIS, SQL, firewall, IPS/IDS, Windows, Anti-Virus, mail filtering, WAF, encryption
Hands on experience managing an array of security tools (e.g. Web Content Filtering, Malware, Firewalls, Intrusion Protection, etc.)
Ability to read system data, including, but not limited to, security and network event logs, web, anti-virus, DLP, syslogs, IPS, and firewall logs
Knowledge of Vulnerability Management tools such as (Nessus, Qualys or Nexpose) required
Knowledge of threat management management tools
Knowledge of Security Information and Event Management (SIEM) – (ArcSight, QRadar, RSA Envision, LogRythm, or Splunk, etc.) required
Knowledge of Windows 200X server platforms
Knowledge of Unix systems (Linux, CentOS, etc)
Knowledge of VMware and VM server platforms
Maintains a broad knowledge of current and emerging network security threats

Security Operations Center Analyst Resume Examples & Samples

Leverage a wide array of tools, systems, and telemetry feeds to monitor Blizzard networks for potential security risks or anomalies
Perform Tier 1 security response for incidents or alerts, including investigation, assessment, triage, seamless escalation and resolution
Process and route all requests for security assistance and perform first contact resolution as possible, escalating to partner teams for support when necessary
Provide guidance and clarification regarding organizational security policies & protocols, helping evangelize security awareness throughout all internal customer interactions

AWS Security Operations Center Analyst Resume Examples & Samples

High-level customer service skills as demonstrated by way of 2 years previous work history
1 year of experience working in fast paced environments, and ability manage workload even during times of stress or escalated activity
Familiarity and basic skills in at least three of the tools in the MS Office Suite, to include Word, PowerPoint, Excel, Outlook, and other MS programs to include SharePoint, etc
Excellent communications skills, categorized as fluent in the English language both written and spoken
Ability to work any shift within the 24/7 operation, including holidays and weekends and sit for prolonged periods
Familiarity and 1 year of experience with access control systems (ex: Lenel, Multi-Max, C-Cure, Honeywell, etc.)
1 year of experience in an Operations/Call/Command Center type environment (2 years desirable)

Security Operations Center Analyst Resume Examples & Samples

Handle P1 and P2 incidents under the direction of Shift leads and Specialists. Follow through to closure P3 and P4 incidents
Detect, document, respond to and escalate events and incidents in accordance with CGI Federal MSS Incident Handling policies and procedures
Demonstrate capabilities and techniques that can be used to mitigate Cyber-attacks and threats
Demonstrate the capability to utilize the Security Tools to investigate and correlate events
Develop reports and/or briefings for events/incidents
Maintain shift logs for all SOC activities conducted during scheduled hours
Monitor, maintain, and respond to group email and distribution lists
Create tickets for necessary tasks that need to be executed by external teams. Ensure tasks are communicated via email to the respectable team(s), as well as documenting and tracking activities within tickets according to ticketing procedures, and annotating in shift logs according to shift report procedures. Conduct systems and tools health checks
Recommend updates to the wiki with relevant content as it becomes known
Ensure that the phones are forwarded to the “On-Call” or appropriate individual when the office is unmanned
Experience working in an IT Security Operations Center
Experience and extensive knowledge of Security Information Event Management (SIEM) tool
Experience in Intrusion Detection or Intrusion Prevention Systems
US Federal Government security clearance, or the ability to become cleared
Experience using ticketing systems such as Remedy
Security +, Network +, CEH, GCIA, GCIH, CISM, SPLUNK Training
Knowledge of: Strong Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) solutions

Senior Security Operations Center Analyst Resume Examples & Samples

The primary responsibility of this position will be to provide analysis of security log, open source and other cyber threat data, provide Tier 2 incident response support and lead hunting activities for the IN-ISAC Security Operations Center. This position will require the individual to investigate, document, analyze, respond to a variety of different security related events and incidents. This position will facilitate the integration and sharing of cyber threat information with other analysts, other IOT teams, Fusion Centers, ISAOs and ISACs
Conduct analytical assessments on the data collected by the various tools and systems used by the SOC
Prepares analytical reports and on current threats, trends, vulnerabilities and other cybersecurity issues
Participates in the development, testing and implementation of IN-ISAC SOC plans to ensure safe custody of information in the event of problems or failure
Lead red team - blue team training activities and participate in the development, testing and implementation of IN-ISAC SOC plans to ensure safe custody of information in the event of problems or failure
Archer SecOps (Advanced) – 5+ years

Security Operations Center Analyst Resume Examples & Samples

Monitoring and analysis of cyber security events with use of QRadar (SIEM), Exabeam (UEBA), Phish Alarm, Reports, trends and anomalies
Security Event Correlation and Reporting to appropriate Tier 2 Security Analyst or Incident Response staff or relevant sources to determine increased risk to the business
Recognize potential, successful, and unsuccessful intrusion attempts/compromises thorough review and analysis of relevant event detail and summary information
Development and execution of SOC procedures
Continuously monitor the cyber security related events and alerts
Triage security events and incidents, detect anomalies, and report/direct remediation actions
Work in a 24/7, 12h shift rotation
Analysis of phishing emails reported by internal end users
Working with Tier-3 teams on events and incident mitigation
Security Operations Center (SOC) environment experience
CompTIA Security+ or other relevant networking certifications
Computer science related education
Any prior knowledge of security technologies or tools would be a great benefit - including SIEM, IDS/IPS, antivirus/malware, vulnerability assessment, patch deployment, netflow, DLP, programming, Unix/Linux, Windows Server OS

Security Operations Center Analyst Resume Examples & Samples

Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems. Consolidates and conducts comprehensive analysis of threat data obtained from classified, proprietary, and open source resources to provide indication and warnings of impending attacks against unclassified and classified networks
Recommend changes to Standard Operating Procedures and other similar documentation
Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty
1-3 (+) years of related experience in information technology and/or information security preferred
An understanding of Cyber Security Incident Response and Network Security Monitoring
Fundamental understanding of computer networking (TCP/IP)
Knowledge of Windows, Linux and Cisco operating systems and information security
Knowledge of Intrusion Detection Systems (IDS) and SIEM technologies; Splunk, Symantec antivirus, Firewalls and Sourcefire and similar tools preferred
Ability to obtain Clearance required

Security Operations Center Analyst Resume Examples & Samples

Perform technical analysis of security alerts from all sources (automated tool alerts, employee reported alerts, fraud investigation related alerts, etc.)
Coordinate activities with other technology departments to drive security incidents and vulnerabilities to remediation
Contribute to the development of new security tools, procedures, and processes, including initial recommendation, engineering, maintenance, and operational tuning
Develop, maintain, and tune a threat intelligence program based on current industry trends and risks
Provide ongoing security tool optimization using aggregation, filters, correlation rules, etc
Perform behavioral analysis of malware in a sandbox environment
Support the life-cycle of security tools including coordination and planning of upgrades, new deployments, and maintaining operational efficiency
Apply configuration management disciplines to maintain hardware/software revisions, content, patches, and hardening
Coordinate and conduct log and packet collection, event management, compliance automation, and identity monitoring activities
Track open tickets to ensure SLAs are met
6+ years of total Information Technology experience including

Security Operations Center Analyst Resume Examples & Samples

Evergreen/Update SOC training materials, tools, and desktop Linux images
2+ years of total Information Technology experience including at least two of the following
3 years in information security risk and compliance management, security project management, security policy management, and other security practices
3 years of specific experience identifying and responding to cyber security incidents and threats
3 years of experience using scripting techniques (Perl, Python, Rest API, VB, etc.) to automate tasks
3 years of experience in evaluating, installing, configuring, and maintaining at least 2 of the following security tools (IDS, IPS, SIEM, DLP, Proxy, Firewall, Endpoint forensics, disk encryption, GRC, Vulnerability scanner, sandbox)
Experience with interpreting and analyzing packet captures via wireshark or like
RHCSA, RHCSE, CCNA, or VCP or related technology certifications a plus
CISSP, CISA, CISM, GIAC, GCIH, Security+ or related certifications a plus
Proficient with MS Office suite
Requires strong analytical skills and problem solving skills
Superb communication skills with both technical and management staff
Ability to recommend and influence business process changes with regards to Information Security policies, standards, processes, and processes (including the use of tools)

Security Operations Center Analyst Resume Examples & Samples

Update and maintain the SOPs for Security Operations Center functions
Track and report incidents within the CND SharePoint from initial detection through final resolution in accordance with DOD incident reporting directives
Assist with the development and maintenance of daily morning brief and an end of day brief to provide current cyber security posture, issuance of directives, cyber events, and compliance status
Assist with the development and maintenance of a weekly brief that captures all of the cyber events with metrics and trends
Submit and track all trouble tickets submitted on behalf of CND internally and to external organizations and ensure that SLAs are being met
Maintain accounts from external DOD agencies on NIPRNET, SIPRNET, and JWICS to in order to receive reports from multiple sources to incorporate CND briefs and distribute to stakeholders
Maintain situational awareness on cyber incidents and activity with the appropriate DOD partners (i.e. CSSP, CYBERCOM, NSA, etc.) via various tools and reporting mechanisms (i.e. NTOC, CENTAUR, CMRS, JIMS, Acropolis) on NIPRNET, SIPRNET, and JWICS
Review and determine if external reports, orders, and directives are applicable to DSS enclaves and execute response actions as required
Track and coordinate all tasks, cyber events, external assessments, tickets, and all other applicable actions with the agency’s Cyber Security Service Provider
Utilize the DSS CND collaborative SharePoint site and coordinate operations, maintain libraries, briefs, and training
2 years’ of Cyber Security experience with a Bachelor’s degree in a technical specialty: cyber security, computer science, or similar field. Note, may consider four (4) additional years of relevant experience in lieu of a degree
Understanding of security tools like ArcSight, McAfee HBSS, Cisco and Juniper products
Knowledge of Security Information and Event Management
Experience with security monitoring
IAT-I or II IA Baseline Certification (SEC+ preferred)
CND Analyst IA Baseline Certification: (CEH, GCIA, GCIH)
Experience with NTOC, CENTAUR, CMRS, JIMS, and Acropolis reporting tools
Experience with Advanced Persistent Threat Tactics, Technics, and Procedures
Excellent verbal and written communications

Security Operations Center Analyst Resume Examples & Samples

70% Monitoring and Operations
Perform real-time proactive security monitoring, detection and response to security events and incidents within the Cargill Enterprise Network
Conduct thorough investigation of security events generated by our detection mechanisms such as SIEM, IDS/IPS, AV
Utilize advanced network and host forensic tools in order to triage and scope an incident
Categorize the events and raise necessary incidents after thorough quality check of the event
20% Collaboration
Work closely with L2 and L3 Support and provide adequate information required for resolution
Collaborates with the Cyber Security Incident Response Team on maintenance and fine-tuning of security platform functionality
Bachelor’s/Master’s degree in Information Technology, Information Assurance or computer science with
1 -3 years of experience in triaging information security alerts from tools like SIEM, DLP, Proxy and other CND security tools
Working knowledge of Windows and Linux OS to include experience working in the command line interface
Basic understanding of
Knowledge of various cyber-attacks and recent hacking techniques
Strong oral and writing skills to articulate complex ideas clearly and effectively; experience creating and presenting documentation and management reports
Industry-recognized Information Security Certifications, including SANS GIAC Certifications, ideally GCIH, GCFA, GREM, CISSP, Security+

Cyber Security Operations Center, Analyst Resume Examples & Samples

Execute monitoring systems used to detect and report security violations
Provide initial investigation of security incidents
Provide communication and escalation throughout the incident per the operating guidelines
Perform analysis of log files
Hunting for suspicious anomalous activity based on data alerts or data outputs from various toolsets
Based on experience, the analyst in this position may be on-call 24 hours per day to respond to information security related problems
1 year experience working in a large complex, matrix, and global organization
The candidate should be able to exercise command scripts and execute programs to obtain the desired results
An understanding of software productivity packages like MS Office, MS Access, and terminal emulation software
Certifications in a related security domain such as CISSP, GCIA, or GSEC a plus

Download Security Operations Center Analyst Resume Sample as Image file

Related Job Titles

Security Operations Analyst Resume Sample

Application Security Analyst Resume Sample

SAP Security Analyst Resume Sample

Security Operations Manager Resume Sample

Security Operations Center Resume Sample

Security Operations Resume Sample

Manager, Security Operations Resume Sample

Security Operations Center Manager Resume Sample

Industrial Security Analyst Resume Sample

Security Operations Center Operator Resume Sample

Cyber Security Operations Resume Sample

Security Engineer, / Security Engineer Resume Sample

Browse More

Security Operations Center Analyst Resume Samples

The Guide To Resume Tailoring

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits for each job you apply

Resume Builder

Resume Builder

15 Security Operations Center Analyst resume templates

Read our complete resume writing guides

How to Tailor Your Resume

How to Make a Resume

How to Mention Achievements

Work Experience in Resume

50+ Skills to Put on a Resume

How and Why Put Hobbies

Top 22 Fonts for Your Resume

50 Best Resume Tips

200+ Action Words to Use

Internship Resume

Killer Resume Summary

Write a Resume Objective

What to Put on a Resume

How Long Should a Resume Be

The Best Resume Format

How to List Education

CV vs. Resume: The Difference

Include Contact Information

Resume Format PDF vs Word

How to Write a Student Resume

O&t-security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst Resume Examples & Samples

Global Security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst Resume Examples & Samples

Cyber Security Operations Center Analyst Resume Examples & Samples

Cyber Defense Security Operations Center Analyst Resume Examples & Samples

Tier / Security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst, Mid Resume Examples & Samples

Security Operations Center Analyst, Junior Resume Examples & Samples

Jnr Cyber Security Operations Center Analyst Resume Examples & Samples

Senior Security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst Resume Examples & Samples

Tier, Security Operations Center Analyst Resume Examples & Samples

Tier Security Operations Center Analyst Resume Examples & Samples

Cyber Security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst Resume Examples & Samples

IT Security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst Resume Examples & Samples

Tier, Security Operations Center Analyst Resume Examples & Samples

Tier, Security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst Level Resume Examples & Samples

Security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst Resume Examples & Samples

Cyber Security Operations Center Analyst Resume Examples & Samples

Cyber Security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst Resume Examples & Samples

Senior IT Security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst Resume Examples & Samples

IT Security Operations Center Analyst Resume Examples & Samples

AWS Security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst Resume Examples & Samples

Global Security Operations Center Analyst Resume Examples & Samples

Global Security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst Resume Examples & Samples

Global Security Operations Center Analyst Resume Examples & Samples

Prinicipal Security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst Resume Examples & Samples

Security Operations Center Analyst Resume Examples & Samples

Global Security Operations Center Analyst Resume Examples & Samples

How to Make
a Resume

50 Best
Resume Tips

200+ Action
Words to Use

Internship
Resume