Security Operations Center (SOC) Analyst
Build your career. It's all right here.
We are a company of individuals with hopes, plans and passions, all using and developing our talents for good, at work and in life. Employees can be a force for good only when they are working at the top of their ability, learning new skills and challenging themselves with new responsibilities. Allstate's Enterprise Talent Market was developed with that in mind, to help you reach your full potential.
The Security Operations Center (SOC) Analyst is responsible for monitoring multiple security technologies using the ArcSight Security Information and Event Management (SIEM) tool to detect IT security incidents. The analyst will follow detailed operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents.
- Monitor multiple security technologies, such as IDS/IPS, syslog, file integrity, vulnerability scanners.
- Correlate and analyze events using the ArcSight Security Information and Event Management (SIEM) tool to detect IT security incidents.
- Follow detailed operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents.
- Provide 24x7 operational support for escalations on a rotating basis.
The ideal candidate will have 2-5 years of information security related experience in areas such as security operations, incident analysis, incident handling, log analysis, intrusion detection, or firewall administration. They should also have 2-5 years' experience in one of the following: engineering; system administration on Unix, Linux, or Windows.
In addition, the ideal candidate must have the following knowledge / experience:
- Moderate to Advanced event analysis leveraging SIEM tools (ArcSight preferred)
- Moderate incident investigation and response skill set
- Moderate log parsing and analysis skill set
- Moderate knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP, etc.)
- Moderate knowledge of malware operation and indicators
- Moderate knowledge of current threat landscape (threat actors, APT, cyber-crime, etc.)
- Moderate knowledge of IDS/IPS systems
- Moderate knowledge of Windows and Unix or Linux
- Moderate knowledge of Firewall and Proxy technology
- Basic to Moderate knowledge of penetration techniques
- Basic to Moderate knowledge of DDoS mitigation techniques
- Basic knowledge of Data Loss Prevention monitoring
- Basic experience with scripting
- Basic knowledge of forensic techniques
- Basic to Moderate protocol analysis experience (Wireshark, Gigastor, Netwitness, etc.)
- Basic knowledge of audit requirements (PCI, HIPAA, SOX, etc.)
- Experienced in mentoring and training junior analysts
- Security Certifications Preferred (including but not limited to the following certifications):
  - Certified Incident Handler (GCIH)
  - Certified Intrusion Analyst (GIAC)
  - Certified Ethical Hacker (CEH)
  - Certified Expert Penetration Tester (CEPT)
  - Networking Certifications (CCNA, etc.)
  - Platform Certifications (Microsoft, Linux, Solaris, etc.)
Good Work. Good Life. Good Hands®.
Allstate is where good people can build a rewarding career and we provide the resources you need to succeed, both personally and professionally. Our culture and employee programs have also drawn praise from outside organizations like Working Mother magazine, LATINA Style and Black Enterprise. Learn more about the resources, benefits, and programs Allstate has to offer you under the MyWorkLife tab on MyDesktop.
Hear what other Allstaters think. Follow us on Twitter, Facebook, Instagram and LinkedIn or watch a video.
Please note, to be fully considered for this opportunity you must attach an updated resume to your profile when you apply, and if applicable, include:
- Your updated Allstate position(s) and titles, specific experiences and skills developed
- Committee/subgroup work
- Talent Share opportunities
- Completed programs/coursework
Visit "Managing Your Career" located under MyWorkLife (via MyDesktop) to further enhance your career profile and development goals.
Allstate generally does not sponsor individuals for employment-based visas for this position.
Effective July 1, 2014, under Indiana House Enrolled Act (HEA) 1242, it is against public policy of the State of Indiana and a discriminatory practice for an employer to discriminate against a prospective employee on the basis of status as a veteran by refusing to employ an applicant on the basis that they are a veteran of the armed forces of the United States, a member of the Indiana National Guard or a member of a reserve component.
For jobs in San Francisco, please see the notice regarding the San Francisco Fair Chance Ordinance.
It is the policy of Allstate to employ the best qualified individuals available for all jobs without regard to race, color, religion, sex, age, national origin, sexual orientation, gender identity/gender expression, disability, and citizenship status as a veteran with a disability or veteran of the Vietnam Era.