Senior SOC Analyst/Engineer, Security Operations Center (SOC)

Atrilogy solutions Group is seeking a Senior Security Operations Center Analyst/Engineer for a direct-hire opportunity for our direct client in the Live Entertainment Industry. This role will be WFH flexible, will require some days onsite at our clients location in Downtown LA. Title: Senior SOC Analyst/Engineer, Security Operations Center (SOC) As part of a cross-functional CISO Organization, the Senior SOC Analyst/Engineer (Security Operations) is responsible for security operations including log analysis, application security analysis, vulnerability analysis, incident response, and threat analysis. This role evaluates the type and severity of security events leveraging their in-depth knowledge of exploits and vulnerabilities and works with the Senior Security Engineer in investigating and responding to security incidents. This role works across other IT functions including application development to assist with application and infrastructure security testing to identify application vulnerabilities and remediation methods. The Senior Security Engineer works with the Information Risk & Compliance team to analyze threat models and security requirements to ensure implementation of technology appropriately mitigates risks. This role is responsible for managing multiple projects while maintaining technical currency with emerging security technologies.

• Monitor and respond to information security incidents and support the Information Security & Compliance team in security investigations leveraging insourced and outsourced tools and services.
• Build and analyze reports compiled from various security tools to identify and anticipate patterns of attack and manage and report on the overall threat landscape.
• Work with Security Engineering and Operations team to build, maintain and operate the Security Operations Center and blend information gathered from internal knowledge, professional network and Managed Security Service Providers.
• Develop and maintain the Incident Response plan including procedures for incident response, forensic investigation and mitigation of security events.
• Track and report metrics which may include Mean Time to Detection (MTTD), Mean Time to Resolution (MTTR), Total alerts/incidents per month, Types of alerts/incidents, escalation breakdown, significant SNOW tickets, and others as required
• Review and document security related change requests and advise management on approval decisions.
• Respond to alerts, perform remedial actions, prioritize, investigate, and escalate responses according to the Our Client's Incident Response Policy and Our Client's Incident Playbooks
• Collaborate with peers across affiliate companies to share incident information, solutions and best practices
• Maintain technical currency and continuously leverage opportunities to strengthen skills and broaden expertise.

• Experience in working with security operations tools including anti-malware, AV, IPS/IDS, SIEM, CASB, SSO, MFA, Spam filtering, DLP.
• Experience in managing and operating vulnerability/patch management processes and tools.
• Experience with security industry standards (ISO 27001, NIST Cybersecurity Framework) and best practices
• Experience working across teams to prevent, identify, and effectively recover from security incidents.
• Proven experience identifying vulnerabilities, anticipate threats, and leveraging a practical approach to reduce the likelihood or impact of a breach.
• Experience developing automated response through Azure workbooks and automation Preferred
• Security Tool Experience (Carbon Black, Netskope, Microsoft Sentinel, Microsoft Defender for Cloud, Microsoft Compliance, or similar) Preferred
• PCI compliance experience (knowledge of how to secure infrastructure, systems, and applications for PCI compliance) Preferred
• Cloud experience securing workloads, network security groups, and VMs in Microsoft Azure. Preferred