Security Analyst Supervisor - Remote

Gallin Associates

Phoenix Arizona

United States

Information Technology
(No Timezone Provided)

We are looking for a Swing Shift Supervisor to join the Analyst team. The Swing Shift Supervisor is expected to be hands on operationally and lead the analysts on the swing shift, but more so focused on leading projects to improve the team, identify gaps and solutions, improve the documentation and processes, and prioritizing the case workload amongst the team.

The Swing Shift Supervisor will have 4-5 direct reports of junior and senior analysts on the swing shift and report to the SOC Manager. The position is full time, remote, offers a base and bonus along with excellent benefits. The shift will be Monday through Friday from 12pm to 8pm PST.
 

Primary Duties

  • Aid in the development and revision of security operation center procedures, protocols, and systems
  • Identify and lead projects with the focus of making technological and procedural improvements to SOC operations
  • Ensure efficient and cost-effective staffing and scheduling
  • Handle escalated customer facing issues and be the designated incident lead for major incidents
  • Develop and execute training for all SOC functions
  • Provide first-line supervision, mentoring, and leadership of team members
  • Manage a staff of security analysts, hire and train new staff, conduct performance reviews, and provide leadership and coaching for team members
  • Assist on an as needed basis with triaging alerts and threat hunting
  • Maintain on-call hours to handle escalated events after hours and maintain the ability to provide rare emergency coverage in the SOC if needed
  • Requirements

  • Define metrics and reporting strategies that effectively communicate successes and progress of the analyst team
  • Ability to analyze packet captures/data and logs to perform incident response and identify potential compromises to customer networks
  • Possesses a solid understanding of the TCP/IP protocol suite, security architecture, and common TTP’s (tactics, techniques, and procedures) used by threat actors
  • Experience analyzing both log and packet data in a SIEM (RSA NetWitness, Azure Sentinel, Splunk, etc.)
  • Strong understanding of incident response methodologies and reporting
  • Excellent communication skills, both written and verbal
  • Able to remain calm and handle high stress situations in a fast-paced environment
  • Strong analytical and problem-solving skills
  • Self-motivated and able to balance multiple concurrent projects
  • Preferred Qualifications

  • Minimum of four years of experience performing triage/incident response in enterprise environments
  • Minimum of four years of experience performing forensic analysis of logs and packet captures to identify malicious artifacts
  • Prior experience mentoring/leading a small team
  • Higher level security certifications (CEH, GCIH, GCFA, GCFE, GCTI, GCIA, GREM, GPEN, GFNA, OCSP, CISSP, CISM)
  • Strong understanding of ATT&CK Framework, common web attacks, NIST or SANS Incident Handling Procedures, knowledge of Windows and Linux operating systems, and networking principles
  • Candidate must be a US Citizen or Green Card Holder

    Salary: $100,000 - $122,000

    Security Analyst Supervisor - Remote

    Gallin Associates

    Phoenix Arizona

    United States

    Information Technology

    (No Timezone Provided)

    We are looking for a Swing Shift Supervisor to join the Analyst team. The Swing Shift Supervisor is expected to be hands on operationally and lead the analysts on the swing shift, but more so focused on leading projects to improve the team, identify gaps and solutions, improve the documentation and processes, and prioritizing the case workload amongst the team.

    The Swing Shift Supervisor will have 4-5 direct reports of junior and senior analysts on the swing shift and report to the SOC Manager. The position is full time, remote, offers a base and bonus along with excellent benefits. The shift will be Monday through Friday from 12pm to 8pm PST.
     

    Primary Duties

  • Aid in the development and revision of security operation center procedures, protocols, and systems
  • Identify and lead projects with the focus of making technological and procedural improvements to SOC operations
  • Ensure efficient and cost-effective staffing and scheduling
  • Handle escalated customer facing issues and be the designated incident lead for major incidents
  • Develop and execute training for all SOC functions
  • Provide first-line supervision, mentoring, and leadership of team members
  • Manage a staff of security analysts, hire and train new staff, conduct performance reviews, and provide leadership and coaching for team members
  • Assist on an as needed basis with triaging alerts and threat hunting
  • Maintain on-call hours to handle escalated events after hours and maintain the ability to provide rare emergency coverage in the SOC if needed
  • Requirements

  • Define metrics and reporting strategies that effectively communicate successes and progress of the analyst team
  • Ability to analyze packet captures/data and logs to perform incident response and identify potential compromises to customer networks
  • Possesses a solid understanding of the TCP/IP protocol suite, security architecture, and common TTP’s (tactics, techniques, and procedures) used by threat actors
  • Experience analyzing both log and packet data in a SIEM (RSA NetWitness, Azure Sentinel, Splunk, etc.)
  • Strong understanding of incident response methodologies and reporting
  • Excellent communication skills, both written and verbal
  • Able to remain calm and handle high stress situations in a fast-paced environment
  • Strong analytical and problem-solving skills
  • Self-motivated and able to balance multiple concurrent projects
  • Preferred Qualifications

  • Minimum of four years of experience performing triage/incident response in enterprise environments
  • Minimum of four years of experience performing forensic analysis of logs and packet captures to identify malicious artifacts
  • Prior experience mentoring/leading a small team
  • Higher level security certifications (CEH, GCIH, GCFA, GCFE, GCTI, GCIA, GREM, GPEN, GFNA, OCSP, CISSP, CISM)
  • Strong understanding of ATT&CK Framework, common web attacks, NIST or SANS Incident Handling Procedures, knowledge of Windows and Linux operating systems, and networking principles
  • Candidate must be a US Citizen or Green Card Holder

    Salary: $100,000 - $122,000