SOC Cyber Security Analyst
Area of Interest: Engineer - Network
Technology Interest: Networking, Security
SOC Cyber Security Analyst I
The Business Entity
Cisco’s Customer Experience (CX) group provides full lifecycle services for Cisco’s top customers through delivery of advisory, integration, and Managed Security Services. Complementing the strongest portfolio of security products, Cisco is in a unique position to deliver security outcomes for its customers. As a global business unit under CX, Cisco Managed Services (CMS) seeks to solve the most critical challenges of our customers throughout the world through high value services throughout their security journey.
CMS desires to have a Security Analyst I join its Security Operations Center (SOC) as part of the threat detection and response team. CMS provides tailored security services targeting the MSSP/EDR market. The Security Analyst I will be responsible for providing case triage and preliminary incident handling for our customer base.
Who is Cisco:
At Cisco, each person brings their unique talents to work as a team and make a difference. Yes, our technology changes the way the world works, lives, plays and learns, but our edge comes from our people.
We wish to, “Shape the future of the Internet by creating unprecedented value and opportunity for our customers, employees, investors, and ecosystem partners.”
We will do this by, “Changing the Way We Work, Live, Play, and Learn.”
We connect everything securely – people, process, data and things – and we use those connections to change our world for the better.
We innovate everywhere - from launching a new era of networking that adapts, learns and protects, to building Cisco Services that accelerate businesses and business results. Our technology powers entertainment, retail, healthcare, education and more – from Smart Cities to your everyday devices.
We benefit everyone - We do all of this while striving for a culture that empowers every person to be the difference, at work and in our communities.
What our SOC values:
- Technical Excellence
- Customer Obsession
- Collaboration and Teamwork
- Perform initial case triage, gathering additional information as needed to determine if the case warrants further investigation
- Follow established processes for case investigation, maintaining proper case documentation as investigations are conducted
- Collaborate with and support other team members in case investigations
- Identify and communicate practical ways that processes could be improved (or even automated) or that tools could be enhanced to get you on target faster and help you deliver better results for our customers
- Vigilantly protect Customer data confidentiality and integrity
- Monitor for and report any issues with SOC platform operations
- Maintain adherence to corporate and SOC standards, processes and procedures
- Contribute to the daily shift turnover reports
- Work with your manager to develop and execute a plan for continuous learning
- Excellent verbal and written communication
- Excellent problem-solving and technical skills
- Fundamental understanding of TCP/IP and core application layer protocols
- Fluency with Windows operating systems and command line tools
- Knowledge of foundational security principles
- Strong analytical mindset with acute attention to detail.
- General understanding of modern adversary tactics, techniques and procedures
- Passion for cybersecurity and staying up-to-date with current threats, tools and techniques
- Flexibility – Willingness to deal with a high level of ambiguity and change and to pitch in where needed; because this is Cyber Security and change is the only constant.
- Scripting or coding skills in languages like Java or Python are not required but are a huge plus.
- Ability to work as part of a diverse, global team
Education and Experience
- 2 or 4 year degree in a technical field (Computer Science / Computer Security / Cybersecurity / Computer Networking) or equivalent
- 2+ years of professional experience in the IT security industry (desired)
- Suggested Certifications:
  - CompTIA Security+, Cisco CyberOps Associate, Sourcefire Certified Professional (SFCP)
  - SANS: GCIA, GSEC
Colorful hair? Don’t care. Tattoos? Show off your ink. Like polka dots? That’s cool. Pop culture geek? Many of us are. Be you, with us! #WeAreCisco
Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis.
Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records.
The health and safety of Cisco's employees, customers, and partners is a top priority. Our goal is to protect and mitigate the spread of COVID-19 infection for strong business resiliency during the pandemic. Therefore, Cisco may require new hires to be fully vaccinated against COVID-19 if the role requires business-related travel, meeting with customers/partners (including visiting third-party sites on behalf of Cisco), attending trade events, and Cisco office entry, unless otherwise prohibited by applicable law, and in countries where COVID-19 vaccination is legally required. The company will consider legally required accommodations/exceptions for medical, religious, and other reasons as per the requirements of the role and in accordance with applicable law. Additional information will be provided to candidates about the requirements and accommodation process at the offer time based on region.