SOC Engineer

4 weeks ago


Franklin, United States Ariento Full time

Ariento Overview:

Secure, regulatory compliant IT starts here. Ariento is a leading B2B cybersecurity, information technology (IT), and compliance service provider. From consulting to fully outsourced services and more, Ariento gives business owners and executives one less thing to worry about in today's interconnected digital world.


Role Overview:

We’re looking for a Senior SOC Engineer with expertise in SOC operations and a strong understanding of SIEM, EDR, SOAR and Threat Intelligence solutions. This role requires strong technical and time management skills.


Your Key Responsibilities

  • Performs log analysis and writes regex queries in the SIEM.
  • Performs deep-dive incident analysis by correlating data from various sources.
  • Determines whether a critical system or data set has been impacted.
  • Advises on remediation; builds, maintains and updates runbooks.
  • Provides support for new analytic methods for detecting threats.
  • Supports tactical and technical activities on the network and assists with all technical aspects of incident detection, assessment, containment, eradication and recovery, including incident triage, establishing containment, eradication and recovery plans of action, and change activities.

Required Skills

  • Strong experience with SIEM tools such as IBM QRadar, Splunk, LogRhythm, Microsoft Sentinel, Sumo Logic and others.
  • Knowledge of correlation rules and metadata.
  • Understanding of the incident management process.
  • Experience with system hardening, vulnerability assessment and penetration testing.
  • Working knowledge of IT components such as firewalls, IPS/IDS, UTM, routers, switches, antivirus, EDR and Microsoft 365.
  • Knowledge of content filtering, URL filtering and authentication techniques.
  • Knowledge of various threats, attacks and vulnerabilities.
  • Expertise in TCP/IP network traffic and event log analysis.
  • Participates in incident response as a technical lead.


Qualifications

  • Strong experience with SIEM tools such as IBM QRadar, Splunk, LogRhythm, Microsoft Sentinel and others
  • Knowledge of correlation rules and metadata
  • Understanding of the incident management process
  • Experience with system hardening, vulnerability assessment and penetration testing
  • Working knowledge of IT components such as firewalls, IPS/IDS, UTM, load balancers, routers, switches, antivirus, Windows servers and Linux servers
  • Knowledge of content filtering, URL filtering and authentication techniques
  • Knowledge of various threats, attacks and vulnerabilities
  • Expertise in TCP/IP network traffic and event log analysis
  • University degree in Computer Science, Cybersecurity, Software Engineering, or a related field
  • Proven experience of 5+ years as a SOC Analyst/Engineer
  • Strong command of verbal and written English
  • Demonstrated technical acumen and critical thinking abilities
  • Strong interpersonal and presentation skills
  • Certification in any of the SIEM platforms
  • Local to Franklin, TN or able to commute
