SOC Analyst II
Job Description:
The SOC Analyst II is the first line of cyber defense, responsible for detecting intrusion into Norfolk Southern (NS) information systems from internal and external threats. The SOC Analyst II will be proficient in monitoring computer security events according to documented procedures and industry best practices. The SOC Analyst II will be expected to perform daily tasks including monitoring, research, classification, and analysis of security events that occur on the network or endpoints. Ideal candidates must have experience and be able to demonstrate proficiency in areas such as networking, client-server communications, various security tools, and process development. Candidates must have strong multitasking capabilities and be able to evaluate threats, vulnerabilities, and risk while under pressure. Candidates must be able to work in a dynamic, fast-paced environment at a highly technical level. Must be available to participate in on-call rotation. The successful candidate will be expected to perform on-call duties and be reachable after hours to help augment staff during a cyber incident.
Principal Duties:
- Monitor security events received through alerts from SIEM or other security tools
- Maintain records of security monitoring and incident response activities, utilizing case management and ticketing technologies
- Perform Level 1 & 2 triage of incoming issues (initially assessing the priority of the event, making an initial determination of the incident to determine risk and damage, or appropriately routing security or privacy data requests)
- Monitor the health of alerts and downstream dependencies
- Prepare briefings and reports of analysis methodology and results
- Perform other duties as assigned
Job Related Experience:
Required Level: 3-4 Years
Education:
Preferred Level: Bachelor's Degree (BS)
Preferred Majors: Computer Science or Information Systems, Specialization in Information Security/Assurance is a plus
Licenses / Certifications:
Preferred: Certified Ethical Hacker (CEH), CompTIA Security+, CompTIA CySA+
Skills Required:
- Scripting or Programming competency
- 1-2 years of related experience in information technology and/or information security preferred. Willingness to learn and continually improve skills to ensure the success of the business and its objectives.
- Process and Procedure adherence
- General network knowledge, TCP/IP troubleshooting
- Ability to trace down an endpoint on the network based on ticket information
- Familiarity with system log information and what it means
- Understanding of common network services (web, mail, DNS, authentication)
- Knowledge of host-based firewalls, Anti-Malware, HIDS
- General Desktop OS and Server OS knowledge
- TCP/IP, Internet Routing, UNIX / LINUX & Windows NT
- Strong analytical and problem-solving skills as well as interpersonal skills to interact with customers, team members and upper management
Skills Desired:
- Network Analysis tools such as Kali Linux
- Knowledge of Netflow, PCAP Analysis
- Zscaler Web Gateway or other Proxy Experience
- Forensics and Malware Analysis familiarity
- SentinelOne Endpoint Protection
- Stealthwatch or other Intrusion Detection and Intrusion Prevention Systems
- Qualys Vulnerability Manager
- Splunk Enterprise Security
Licenses/Certification:
Preferred:
- Certified Ethical Hacker (CEH), CompTIA Security+, CySA+, GCIH
- Security Essentials - SEC401 (optional GSEC certification)
- Continuous Monitoring and Security Operations - SEC511
Work Conditions:
Environment: Office 2 days per week, Telecommute 3 days
Shift Work: No
On-Call: Yes
Weekend & Afterhours Work: As Required
Travel Required: 0-2 Days per Month
Company Overview
Norfolk Southern Corporation (NYSE: NSC) is a Fortune 300 organization and one of the nation's premier transportation companies. Its Norfolk Southern Railway Company subsidiary operates approximately 19,500 route miles in 22 states and the District of Columbia, serves every major container port in the eastern United States, and provides efficient connections to other rail carriers. Norfolk Southern is a major transporter of industrial products, including chemicals, agriculture, and metals and construction materials. In addition, the railroad operates the most extensive intermodal network in the East and is a principal carrier of coal, automobiles, and automotive parts.
At Norfolk Southern, we believe in celebrating our individuality. By leveraging the unique backgrounds and viewpoints of our employees, we can create a culture of innovation, respect, and inclusion. We know that employees thrive in a workplace where differing viewpoints, ideas, and experiences are freely shared and valued. As such, we encourage all employees to contribute their distinctive skills and capabilities to our organization.
Equal employment opportunities are available to all applicants regardless of race, color, religion, age, sex, national origin, disability status, genetic information, veteran status, sexual orientation, and gender identity. Together, we power progress.