Location: Chicago, IL, United States
Date Posted: May 30, 2023
Security Operation Center Analyst
Companies, investors and government entities around the world turn to Alvarez & Marsal (A&M) for leadership, action and results. A&M’s leadership is about a bias towards action and the willingness to tell clients what we think is needed. Our restructuring heritage sharpens our ability to act decisively. Clients select us for our deep expertise and ability to create and deliver practical, rather than theoretical, solutions to their unique problems in addition to our objectivity.
Privately held since its founding in 1983, A&M is a leading global professional services firm that provides advisory, business performance improvement and turnaround management services. When conventional approaches are not enough to create transformation and drive change, clients seek our deep expertise and ability to deliver practical solutions to their unique problems.
With over 4,500 people across four continents, we deliver tangible results for corporates, boards, private equity firms, law firms and government agencies facing complex challenges. Our senior leaders, and their teams help companies act decisively, catapult growth and accelerate results. We are experienced operators, world-class consultants, former regulators and industry authorities with a shared commitment to telling clients what’s really needed for turning change into a strategic business asset, managing risk and unlocking value at every stage of growth.
We are seeking a Security Operation Center (SOC) Analyst to join our Global Security Office (GSO) team. This position will report into the GSO SOC Manager and the job holder will be based out of the US.
Responsible for working in a global 24x7 Security Operation Center (SOC) environment which consists of an in-house and outsourced SOC.
Able to participate on an on-call rotation.
Perform real-time alert monitoring and risk mitigation.
Provide analysis and trending of security log data from a large number of heterogeneous security devices across different layers.
Provide Incident Response (IR) support when analysis confirms actionable incident from the outsourced SOC and internal systems.
Provide threat and vulnerability analysis as well as security advisory services.
Analyze and respond to previously undisclosed software and hardware vulnerabilities.
Investigate, document, and report on information security issues and emerging trends.
Integrate and share information with other analysts and teams.
Participate in security projects and assist network operations and engineering teams.
Other tasks and responsibilities as assigned through ticketing system.
Bachelor's degree in a related field (Security, Forensics or Computer Science is preferred)
At least 4 years of experience as a security analyst, incident handler/responder, security engineer or penetration tester.
Excellent knowledge of security methodologies, processes (like Kill chain/diamond models and MITRE ATT&CK framework).
Excellent knowledge of technical security solutions (firewalls, SIEM, NIDS/NIPS/HIDS/HIPS, AVs, DLP, proxies, network behavioral analytics, endpoint and cloud security).
In depth knowledge of TCP/IP, UDP, DNS, FTP, SSH, SSL/TLS and HTTP Protocols, network analysis, and network/security applications.
Very good knowledge of common malware threats and attack methodologies.
Professional Certifications: GCIA, GCIH, GCFE, GCFA, Security+, CCNA CyberOps, OSCP, GPEN, GWAPT, CEH, CISSP or other equivalent certifications are highly desirable.
Accountable for successful completion of multiple, individual projects simultaneously.
Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences.
Manage change and demonstrate adaptability by embracing change and adjusting priorities or processes and approach as needs dictate.
Work independently as a team representative in the allocated region as well as show excellent teamwork skills.
Ability to develop thorough documentation and operational playbooks in addition to suggest alert enhancements to improve detection capability.
Experienced in working with external vendors and third parties.
Good understanding of system and network hardening practices.
A&M’s entrepreneurial culture celebrates independent thinkers and doers who can positively impact our clients and shape our industry. The collaborative environment and engaging work—guided by A&M’s core values of Integrity, Quality, Objectivity, Fun, Personal Reward, and Inclusive Diversity—are the main reasons our people love working at A&M. Inclusive Diversity means we embrace diversity, and we foster inclusiveness, encouraging everyone to bring their whole self to work each day. It runs through how we recruit, develop employees, conduct business, support clients, and partner with vendors. It is the A&M way.
It is Alvarez & Marsal’s practice to provide and promote equal opportunity in employment, compensation, and other terms and conditions of employment without discrimination because of race, color, sex, sexual orientation, gender identity, family medical history or genetic information, political affiliation, military service, pregnancy, marital status, family status, religion, national origin, age or disability or any other non-merit based factor or any other characteristics in accordance with all applicable laws and regulations.
Please note that as per A&M policy, we do not accept unsolicited resumes from third-party recruiters unless such recruiters are engaged to provide candidates for a specified opening and in alignment with our Inclusive Diversity values. Any employment agency, person or entity that submits an unsolicited resume does so with the understanding that A&M will have the right to hire that applicant at its discretion without any fee owed to the submitting employment agency, person or entity.