SOC Analyst (Third Shift)
Discover. A more rewarding way to work.
At Discover Financial Services, you’ll find yourself in the company of some of the industry’s smartest and most reliable professionals. And at a company that rewards dedication, values innovation and supports growth.
Thrive in an environment that promotes teamwork and shared success. Build on a foundation of mutual respect. Join the company that understands rewarding careers like no other, with this exceptional opportunity:
The Discover Security Analytics & Incident Detection team is looking for new and qualified security analysts to join our ranks. Our team serves alongside other teams in Information Security as experts in the detection and analysis of all technology-related security incidents. We employ a multitude of enterprise-grade security solutions to achieve our goals. Our primary mission is the timely and accurate identification of incidents, mastery of the technologies and information we analyze, maintaining expert-level knowledge of detection tools and techniques, and proper escalation/hand-off of incidents for response and containment.
Were looking for talented, self-motivated professionals who have a strong passion for information security– and a burning desire to learn. Were interested in people who enjoy being challenged on a daily basis to stay one step ahead of an ever-changing landscape of threats and adversaries. Were also looking for individuals that are interested in working both collaboratively and independently to hunt down and identify anomalous and malicious activity, wherever it may be. Whether youre a seasoned information security professional or new to the field, were looking for new team members to join us in guarding our enterprise as the last and ultimate line of defense.
- Building and maintaining custom security detection logic to analyze and correlate information to produce meaningful, actionable results
- Monitoring of events & alerts from a multitude of technologies to detect malicious activity
- Detailed analysis using a variety of tools and techniques to investigate, navigate, correlate and understand security incidents to the fullest extent of the data available
- Tuning of rules, filters and policies for detection-related security technologies to improve accuracy and visibility
- Data mining of log sources to uncover and investigate anomalous activity, along with related items of interest
- Maintaining documentation of logic, rules, policies, and procedures
- Proper escalation and hand-off of security incidents for containment and remediation
- Promote a risk-aware culture, ensure efficient and effective risk and compliance management practices by adhering to required standards and processes.
- Working knowledge of common operating systems (Windows, Linux, etc.) and basic endpoint security principles
- Knowledge of (or a strong desire to learn) common networking services and protocols (TCP/IP, SSH, FTP, DNS, DHCP, SMTP, SSL, etc.)
- Rudimentary understanding of (or a strong desire to learn) common security technologies (IDS, Firewall, SIEM, etc.)
- Exceptional organizational abilities and attention to detail
- The ability to think creatively to find elegant solutions to complex problems
- Excellent verbal and written communication skills
- The desire to work both independently and collaboratively with a larger team
- A willingness to be challenged along with a strong appetite for learning
- The ability to work in a 24×7 shift-based operation
- The flexibility to adjust shift schedule based on the needs of the team
- 1-3 years of experience in Information Security, Incident Response, etc. (or related field)
- Prior experience detecting, analyzing and/or responding to security incidents
- Demonstrated ability to analyze and correlate information from a wide variety of enterprise technologies
- Hands-on experience with common security technologies (IDS, Firewall, SIEM, etc.)
- Knowledge of common security analysis tools & techniques
- Understanding of common security threats, attack vectors, vulnerabilities and exploits
- Knowledge of data science, data visualization, mathematics, and/or statistics
- Programming experience (Python, Perl, etc.)
- Knowledge of regular expressions
CompTIA Network+/Security+, CISSP, GIAC (GCIA, GCIH, GSEC, GPEN, GREM, etc.), OSCP, CEH, etc.
Responsibilities include:Monitoring of events & alerts from a multitude of technologies to detect malicious activityDetailed analysis using a variety of tools and techniques to investigate, navigate, correlate and understand security incidents to the fullest extent of the data availableTuning of rules, filters and policies for detection-related security technologies to improve accuracy and visibilityData mining of log sources to uncover and investigate anomalous activity, along with related items of interestMaintaining documentation of policies and proceduresProper escalation and hand-off of security incidents for containment and remediation
Discover Financial Services is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran status, among other things, or as a qualified individual with a disability.