Sr. Information Security Analyst-SOC

13 Jun 2024
Marietta, Georgia 30006, USA

The Information Security office is hiring a Senior Security Operations Analyst. The preferred candidate will have Security Operations Center (SOC) and Incident Response/Coordination experience. Responsibilities will include cybersecurity investigations, legal/HR discovery, and digital forensics (DFIR).

The SOC Senior Analyst Position reports directly to the SOC Manager. Key responsibilities of the role include:

• Respond to cyber security tickets and provide analysis and trending of security log data from security devices as well as various security tool portals

• Monitor and analyze Security Information and Event Management (SIEM) alerts to identify security issues for remediation and investigate events and incidents

• Monitor threat intelligence feeds

• Provide proactive "threat hunting" to detect incidents

• Tune rules and thresholds to improve fidelity of alerts

• Author Incident Response Playbooks

• Perform the duties and responsibilities of Incident Response Coordinator when needed

• Prepare reports of analysis and results to provide briefings to management and clients

• Investigate, document, and report on information security issues and emerging trends.

• Perform legal/HR eDiscovery searches

• Partner with Managed Security Services Provider and host weekly Incident Response touch points with support team

• Establish and manage partnerships with IT Security, IT Infrastructure, Network Connectivity teams

The SOC Senior Security Operations Analyst is focused on protecting the organization and patient data. The primary function of this position is to support the team by participating in investigations and in identifying and reporting cyber threats. You will coordinate resources during incident response efforts, assist with classifying security events, develop remediation guidance, support documentation and client reporting deliverables, and assist with system security compliance. The individual is experienced in many areas of the information security domains, and is able to conduct risk assessments, develop appropriate risk responses, and monitor the environment for threats. The individual needs to have the capability to support several projects and tactical initiatives related to enterprise security, manage critical relationships with key stakeholders and vendors, drive process improvements for the information security program, and review potential security exposures.

Required Minimum Education: Bachelor's degree in Computer Science, Cybersecurity, Information Security, or equivalent

Required Minimum License:

Required Minimum Certification: Splunk User, Power User, or Administrator

Preferred Certification: GSEC, GCIH, GPEN, GCIA, or other GIAC, Splunk User/Power User/Administrator

Required Minimum Experience: 5 years of Security Operations Center experience or equivalent

Required Minimum Skills:

• Experience with Security Operations Center, network event analysis and/or threat analysis

• Deep understanding of Splunk Enterprise Security

• Experience working as an Incident Responder/Coordinator

• Deep understanding of Incident Response coordination when analysis confirms actionable incident

• Thorough knowledge of security monitoring and incident response of cyber security events in a highly available Security Operation Center (SOC)

• Deep understanding of various security methodologies and technical security solutions

• Experience analyzing security logs from SIEM, Firewalls, Vulnerability Scanners

• Experience monitoring threat feed sources

• Experience with Endpoint Detection and Response (EDR) tools

• Experience tuning and/or configuring Splunk SIEM and vulnerability tools

• Experience authoring Incident Response Playbooks

• Experience and certification in digital forensics

• Microsoft Office Suite (Excel, Word, PowerPoint, Outlook)

• Ability to communicate effectively with fellow team members across the organization

• Effective verbal and technical writing

• Thorough knowledge of common Internet protocols and applications

• Thorough knowledge of HIPAA Security Rule, PCI, NIST CSF, MITRE ATT&CK

EEO Employer

Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at or

Job Details

  • ID: JC15402740
  • Job type: Permanent
  • Salary: N/A
  • Hiring Company: Apex Systems
  • Date: 2021-06-12
  • Deadline: 2021-08-11