We’re Hiring

Visual Connections, LLC seeking a CSOC Tier 3 Cybersecurity Analyst.

Duties:

• Work with detection engineering team to onboard and operationalize new cloud detection tools include Azure Sentinel, AWS Guard Duty, Netskope CASB etc.  

• Develop playbooks for cloud incident response. 

• Lead and actively participate in the investigation, analysis, and resolution of Tier 3 and escalated cybersecurity incidents. Analyze attack patterns, determine the root cause, and recommend appropriate remediation measures to prevent future occurrences. 

• Serve as a cloud subject matter expert in handling incidents of varying complexity, providing guidance and support to Tier 1 and Tier 2 analysts during investigations.  

• Ensure accurate and detailed documentation of incident response activities, including analysis, actions taken, and lessons learned. Collaborate with knowledge management teams to maintain up-to-date incident response playbooks.  

• Collaborate effectively with cross-functional teams, including forensics, threat intelligence, IT, and network administrators. Clearly communicate technical information and incident-related updates to management and stakeholders. 

• Develop and operationalize advanced security analytics use cases to detect and respond to sophisticated cyber threats in real-time. 

• Monitor the performance of security analytics and automation processes regularly, identifying areas for improvement and taking proactive measures to enhance their efficacy. 

• Leverage Security Orchestration, Automation, and Response (SOAR) platforms to streamline and automate incident response processes, including enrichment, containment, and remediation actions. 

• Support the mentoring and training of more junior IR staff. 

• Stay informed about the latest cybersecurity threats, trends, and best practices. Actively participate in cybersecurity exercises, drills, and simulations to improve incident response capabilities. 

Requirements:

• Bachelor's degree in computer science, Cybersecurity, Information Technology, or a related field (or equivalent work experience)  

• 5+ years of experience supporting large-scale IT related projects  

• 3+ years of experience supporting incident response in an enterprise-level Security Operations Center (SOC) that includes monitoring of cloud environments.   

• A deep understanding of cybersecurity principles, incident response methodologies, and a proactive mindset to ensure our SOC operates effectively in a high-pressure environment.  

• Industry certifications, such as CISSP, GCIH, GCFA, CEH, or equivalent, are highly desirable    

• Strong experience with security technologies, including SIEM, IDS/IPS, EDR, and network monitoring tools  

• Experience with enterprise ticketing systems like ServiceNow   

• Excellent analytical and problem-solving skills.  

• Ability to work independently and in a team environment to identify errors, pinpoint root causes, and devise solutions with minimal oversight.  

• Ability to learn and function in multiple capacities and learn quickly.  

• Strong verbal and written communication skills   

Fulltime remote