SOC Analyst - US Government

SOC Analyst - US Government

US Citizenship required

Behind every mission-critical Cloud service is a sophisticated SaaS architecture supporting the largest companies in the world, employing the most advanced software engineering. We are proud to support those services and team with customers who depend on them, continually innovating and challenging the status quo. Our team environment is progressive, flexible, professionally challenging, rewarding, and fun.

We are looking for experienced security analysts to join our efforts in reshaping the cloud services landscape across industry verticals to revolutionize the delivery of Cloud Services to the world’s most critical organizations. The SaaS Cloud Security (SCS) organization is responsible for securing enterprise-grade software services on behalf of our 25,000 customers, processing over 60 billion transactions per day.

We maintain a team of security analysts in the US that can work across 24x7x365 shifts to carry out activities in the areas of monitoring and detection and response to protect the Oracle SaaS environment. The team collectively covers the breadth and depth of: monitoring for Indicators of Compromise, being up to date with latest industry trends and Threat Intelligence, and escalating identified incidents for the attack remediation, evidence collection, and forensics efforts. The ideal candidate will also have experience with automating SOC workflows and using AI and automation tools to perform cybersecurity procedures.

Career Level - IC3

Responsibilities/Tasks

• Collectively cover 24x7x365 shifts for the continued monitoring of the Oracle SaaS security posture.
• Ensure the confidentiality, availability, and integrity of Oracle Cloud data and systems.
• Respect and protect customer data.
• Monitor security controls to detect and prevent infiltration of company systems and exfiltration of company data by adversaries.
• Correlate data from disparate log sources to determine a baseline and generate alerts based on behavior-based indicators.
• Provide management with monitoring reports and trend analysis.
• Triage security events and determine whether they must be escalated to SCS Detection and Response Team.
• Support incident response efforts as an Oracle Cloud SOC Analyst though the monitoring of system events, utilization of security tools, and application of SOC policies and procedures.
• Provide excellent customer service to Oracle Cloud Operations teams reporting policy violations, potential incidents, and requesting security solution support.
• Automate SOC workflows using a variety of tools.
• Perform other duties as assigned.

Desired Qualifications

• University degree preferred, not required.
• Prefer to meet DoD 8140 Cyber Defense Analyst qualifications.
• Experience in information security and technical aspects.
• Two or more years of experience in utilizing enterprise security solutions including but not limited to SIEM, security detection and response tools, and endpoint security products.
• Ability to analyze attacker tactics, techniques, and procedures (TTPs).
• Strong log analysis, deduction, analytical, and problem solving skills.
• Self-starter and self-sufficient, doesn’t need to be micro-managed.
• Excellent team player, willing to share knowledge and skills with peers.
• Knowledge of Information Security standards and access controls such as ISO27001/2, PCI DSS, and other international standards.
• Possess the ability to adjust and adapt to changing priorities in a dynamic environment.
• Strong technical experience with Linux or similar Unix platforms (Oracle Linux, CentOS, RHEL, Solaris, BSD), macOS, and Windows.
• At least 2 years experience as a network analyst or systems administrator.
• Experience with automating SOC workflows using a SOAR tool or scripts.
• Strong knowledge of Oracle systems and software.
• Strong organizational skills and detail-orientation essential.
• Strong presentation, written and verbal communication skills.
• Knowledge of virtualization and scripting.
• Hold or ability to obtain TS/SCI clearance for Critical-Sensitive Positions; FS Poly clearance highly desirable.

Key Skills/Competency

• Security Monitoring
• Incident Detection
• Threat Intelligence
• SIEM Platforms
• Endpoint Security
• Log Analysis
• SOC Automation
• Linux/Unix Administration
• Network Analysis
• Security Controls