hero

Join the Edison family of high-growth, market-leading companies in financial services, healthcare, enterprise software sectors.

51
companies
374
Jobs

SOC Analyst (Tier 2)

eSentire

eSentire

IT
Waterloo, ON, Canada
Posted on Thursday, January 11, 2024

SOC Analyst (Tier 2)

Waterloo, ON, Canada Req #553
Tuesday, January 9, 2024

About eSentire

eSentire, Inc. is the Authority in Managed Detection and Response, protecting the critical data and applications of 2000+ organizations in 80+ countries, across 35 industries from known and unknown cyber threats.

Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business-disrupting events. Combining cutting-edge machine learning XDR technology, 24/7 Threat Hunting, and proven security operations leadership, eSentire mitigates business risk and enables security at scale.

The Team eSentire difference means enterprises are protected by the best in the business with a named Cyber Risk Advisor, 24/7 access to SOC Cyber Analysts, Elite Threat Hunters, and industry-leading threat intelligence research from eSentire’s Threat Response Unit (TRU). eSentire provides Managed Risk, Managed Detection and Response and Incident Response services.


It's our mission at eSentire to protect our customers 24/7/365 and we extend this conviction to job seekers. During the application and interview process, eSentire will communicate with you from one of our corporate "@esentire.com" email addresses, never from a public email address. We strive to provide a welcoming, respectful, and thorough interview process, providing the candidate with ample opportunity to spend time with the hiring manager, recruiter, and future colleagues face to face, or using a video conference technology.

SOC Analyst (Tier 2)

The Global Security Operations Centre (GSOC) is central to eSentire’s Service Delivery Organization (SDO) with a growing team of over 100 passionate members across two SOC locations in Canada and Ireland. The GSOC delivers comprehensive security services to customers worldwide on a 24x7 basis, utilizing best-in-class tooling from both external vendors and internally developed technologies. We are trusted by over 1500 organizations globally to detect and respond to cyber threats and to protect them from business disruption.

eSentire considers employee development, wellbeing, and mental health as top priorities. GSOC Analysts operate on static and predictable 8-hour shifts which offer a healthy work-life balance and are provided with resources to develop and grow their careers.

The successful candidate will perform comprehensive security investigations across network, endpoint, log and cloud security in a fast-paced, dynamic environment, and leverage their expertise to mentor others and contribute to the consistent evolution of service delivery necessary to remain a leader in this ever-evolving industry.

Responsibilities

  • Analyze incoming security signals in real time with a balance of accuracy and speed using a variety of proprietary and third-party tools.
  • Apply investigative tactics, techniques, and procedures (TTPs) using your understanding of the security threats associated with the incoming signals to accurately identify and classify threats.
  • Handle in-depth investigations, digital forensics (network, endpoint, log, cloud), and advanced customer requests, conveying results to customers by e-mail and phone as needed.
  • Investigate security incidents and contribute to incident response reports and after-action reviews.
  • Participate in various internal projects and initiatives to increase SOC efficiency and improve SOC tooling.
  • Perform audits and secondary review of selected signals, following up with analysts and customers when necessary.
  • Block malicious network traffic, isolate infected hosts on customers’ networks, and perform other remediation actions using internal and third-party tools.
  • Support and mentor analysts during investigations or customer inquiries.
  • Identify gaps in processes and procedures and escalate them to leadership.
  • Provide input to our Learning and Development team on training content.

Requirements

  • Relevant degree in Computer Science, IT Security, IT Management, IT Support or related discipline. The completed course must include a strong focus on networking and security.
  • 3+ years' full-time experience in a Security Operations Centre or similar Cyber Security Analysis role excluding time spent on an intern or work experience program.
  • Hands on experience in the following Security domains:
    • Network Security including Intrusion Detection Systems / Intrusion Prevention Systems (IDS/IPS)
    • Windows Endpoint Security, using EDR products such as VMware Carbon Black Standard, CrowdStrike Falcon or SentinelOne
    • SIEM/Log Management, using products such as SumoLogic, Splunk or similar
    • The Microsoft Defender Product Suite including Microsoft Defender for Endpoint, Sentinel, and Defender for Identity
  • Knowledge and experience of technologies including:
    • Windows Sysinternals Tools and LOLBins
    • Advanced Tactics and Techniques such as Lateral Movement and Defense Evasion
    • Linux Kernel and basic scripting (Bash/Python/Powershell) knowledge
    • Cloud Security Fundamentals
    • Understanding of User Identity and Access Management
  • Analytical mind with strong attention to detail and a commitment to quality of service.
  • Strong customer facing written and verbal communication skills with the ability to effectively communicate complex security concepts with end customers.
  • Demonstrated experience to confidently handle escalated customer issues, diffuse challenging situations and deliver an optimal customer experience.
  • Natural ability to thrive in a fast paced and time sensitive environment.
  • Ability to work in an operational/shift-based environment with flexible working hours to include evenings and weekends.
  • Industry Certificates such as CEH, CCNA CyberOps, CISSP, or other similar industry standard certifications would be an asset.

Why a Career with eSentire?

Our Culture: At eSentire we work in a collaborative and innovative work environment. We work with brilliant and passionate people who strive and encourage others to do their best. eSentire’s idea-rich environment welcomes creative and sometimes unconventional perspectives!

Growth Opportunities: At eSentire you will have the opportunity to grow and make an impact from your work. We encourage innovation in all who become a part of our team. With growing operations internationally, there are many lateral and upward advancement opportunities for rewarding and developing careers with eSentire. We’re strong believers in continuing education and provide the resources that you need to continue learning.

Employee Perks: We provide breakfast, snacks and refreshments (at our physical office locations in Waterloo, London, and Cork), flexible working hours and vacation, company-wide equity and bonus programs, subsidies for continuing education and health & wellness, and attractive compensation and benefits plans. We make it our obligation to the team to stay current with compensation trends in the tech field!

We thank all applicants in advance for applying. Only individuals selected for interviews will be contacted.

eSentire is committed to creating a fair work environment that is aligned with the Accessibility for Ontarians with Disabilities Act (AODA). We guarantee equal treatment and provide opportunities regardless of race, creed, color, religion, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, status as a protected veteran or any other legally protected grounds and will not discriminate on these basis. If you have any accessibility requirements during the recruitment process, please reach out to our HR team at aoda@esentire.com and any accommodation needs will be addressed upon request.
#LI-J
#LI-Hybrid

Other details

  • Job Family Security - Internal
  • Pay Type Salary