Perform initial triage, investigation and escalations. Investigate alerts and alarms to provide details for incident partner teams.
Act as part of the Security Operations Center (SOC) Team that supports the point of contact for investigation and remediation.
Process vulnerability and threat data from a variety of sources to provide actionable intelligence to internal consumers;
implement countermeasures and maintain and enhance the defenses for our information systems and resources. SOC Analyst 1s make it possible for the organization to defend its assets with clear vision and situational awareness in a persistent, dynamic, and highly complex threat environment.
Monitor IT Security Tools to protect infrastructure and communicate security events and incidents to applicable Computer Security Incident Response Team personnel and/or management and recommend security actions per procedures where required.
Perform investigations on mixed Linux and Microsoft Windows environments, including network devices, databases, web services, and enterprise applications.
Coordinate with infrastructure support teams to maintain/troubleshoot security tools and monitoring integrity.
Provide SOC services for domestic and international clients as required in support of American Express Global Business Travel customers.
Work rotational shifts (1st, 2nd, 3rd).
Work as part of a team with similarly tasked Analysts in a diverse, engaging, supportive and respectful manner.
Maintain and create metrics for CIRT functions.
Monitor and check work products to verify consistency and policy compliance.
Recommend software tools and/or other solutions for technical challenges involving IT Security processes.
Required Skills:
Understanding of security concepts and techniques
Demonstrated knowledge of networking (TCP/IP, topology, and security), operating systems (Windows/UNIX), and web technologies (IIS, Apache)
Ability to read and understand system data, including, but not limited to, security event logs, system logs, and firewall logs.
An ability to work weekends, holidays, or alternate non-traditional schedules and shifts.
Grasps and applies new information quickly and handles more complex assignments
Shows initiative on assignments, exercises independent judgment and professionally executes projects with little direction
Desired Skills:
Traditional network monitoring experience (packet/protocol analysis)
Hands-on administrative experience with major operating systems
Foundational experience in any of the following areas of information technology, to include hardware, networking, architecture, protocols, file systems and operating systems
Foundational experience in any areas of cyber security operations, such as attack surface management, SOC operations, Intrusion Detection/Intrusion Prevention Systems (IDS/IPS), threats (including APT, insider, etc.), vulnerabilities, and exploits; incident response, investigations and remediation
Industry certifications in cyber security (such as but not limited to CISSP, GSEC, and/or Sec+)
Industry certifications in networking (such as but not limited to CCNA, CWNA and/or Net+)
Experience with SIEM technologies.
Knowledge of trouble isolation, log analysis, data and event correlation and analysis.
Prior experience creating and maintaining operational reports for metrics.
Scripting languages and technologies (Python, Ruby, Java)
United Kingdom, London
It is our policy to provide equal employment opportunities to all individuals based on job-related qualifications and ability to perform a job, without regard to age, gender, gender identity, sexual orientation, race, color, religion, creed, national origin, disability, genetic information, veteran status, citizenship or marital status, and to maintain a non-discriminatory environment free from intimidation, harassment or bias based upon these grounds.