ZoomInfo is looking to hire an individual who will join the security team of a rapidly expanding organization with global locations.

A Mid-Level Cyber Security Operations Centers (CSOC) Analyst is needed to support the security team and the growing analysis within the organization. The ideal candidate is an experienced information security practitioner who is goal-oriented and strives to exceed expectations.

*This position will be located in Waltham, MA. Only local candidates will be considered

RESPONSIBILITIES

• Participate in larger security team and focuses on installing, configuring, investigating alerts, anomalies, errors, intrusions, malware, etc. to identify threats, source, determine remediation, and recommend security improvements or actions
• Configure and manage vulnerability scanning and patch management as part of proactive risk prevention
• Follow precise analytical paths (playbooks) to determine the nature and extent of problems being reported by tools, e-mails, etc.
• Follow strict guidance on reporting requirements
• Keep management informed with precise, unvarnished information about security posture and events no surprises.
• Promote standards-based workflow
• Engage with internal and external parties to get and share information to improve processes and security posture.
• Lead analysis, investigation of anomalies, and threats
• Work across business lines especially with IT on integration of products/services and DevOps and cloud environment
• Create management friendly reporting from tools
• Work with end-users as required to investigate threats

QUALIFICATIONS

• 2-4 years of relevant experience
• Degree in computer security, computer science or relevant hands on proven experience
• Experience on an Incident Response team performing Tier I/II initial incident triage and deep analytical investigation as needed to understand the threat and address it.
• Solid knowledge and experience using a SIEM and other related solutions such as artificial intelligence and user behavior analytics
• Experience of threat reporting and assessing diagnosis.
• Proven ability to understand company needs, building relationships and developing a positive dialogue.
• Scripting skills and reverse engineering experience is desirable.
• Past experience of using problem solving techniques and developing solutions
• Ability to assess testing tools and deploy the right ones
• Extensive Windows, Linux, Database, Application, Web server, etc. log analysis
• Extensive experience with IBMs Qradar
• Ability to analyze event and synergize logs to create a picture of the event and potential risks
• Create interfaces with existing tools to extract logs
• Configure tools to meet ongoing requirements for monitoring
• Able to work independently but also as part of a team
• Flexibility to change direction and manage conflicting demands and emergencies
• Knowledge of networking protocols and security implications
• Knowledge of IP networking and network security including Intrusion Detection
• Extensive Windows, Linux, Database, Application, Web server, etc. log analysis
• Trouble ticket generation and processing experience
• Programming experience with C, C++, C#, Python, HTML, JavaScript, .NET
• Familiarity with common network vulnerability/penetration testing tools including, but not limited to, Metasploit, Nessus, vulnerability scanners, Kali Linux, and Nmap
• Some experience with system hardening guidance and tools
• Security documentation experience
• Strong verbal/written communication and interpersonal skills to effectively communicate findings, escalate critical incidents, and interact with leadership
• Security testing certifications (GIAC, CEH)