Join the team
SOCBOX is an exciting and fast-growing cybersecurity company headquartered in San Diego! As entry-level cybersecurity professionals, our analysts are a vital part of our team.
Cybersecurity Analysts will be working from a Security Operations Center analyzing attacker behavior and methodologies. Analysts will look for anomalies and search for data breaches. When suspicious behavior is detected, it will be researched, verified, and documented. Incidents are then communicated to the IT department and direction is provided on remediation. This position has a unique schedule, with 12-hour shifts. This schedule would mean 3 days on/4 days off, then 4 days on/3 days off for alternating weeks. Two shifts are available:
Shift A: 12AM — 12PM
Shift B: 12PM — 12AM
We are looking for candidates that like to work in a team environment and that know how to communicate and document well. Cybersecurity Analysts will need to help simplify issues and provide direction to IT departments. Candidates should be trustworthy, honest, moral and focused on doing what is best for the client. We need self-motivated professionals; we are a team of A-players only and we look forward to expanding that team.
- Applicants must be currently authorized to work in the United States for any employer
- Must consent to regular background checks and drug testing.
- Willing to work rotating shifts
- Experience or knowledge in the detection, response, mitigation, and/or reporting of cyber threats affecting client networks, and one or more of the following:
- Knowledge of computer intrusion analysis and incident response
- Intrusion detection
- Knowledge and understanding of network devices, multiple operating systems, and secure architectures
- Working knowledge of network protocols and common services such as DNS, FTP, email, TCP/ICMP/UDP
- System log analysis
- Understanding of network intrusion detection and response operations (Protect, Defend, Respond and Sustain methodology)
- Understanding of managing, responding to and resolving situations caused by network attacks
- Experience using current monitoring technologies such as SourceFire-SNORT, ArcSight, NetScout, Rapid7, FireEye, etc.
- Ability to assess information of network threats such as scans, computer viruses or complex attacks
- Understanding of NIDS (Network IDS) and HIDS (Host-based IDS)
- Working knowledge of WAN/LAN concepts and technologies
- Working knowledge of Linux/Unix, including scripting, and basic system administration.
- Knowledge of signature development
- IDS/IPS Signature Analysis, Development and Testing
- SIEM content Analysis, Development and Testing
- Familiarity with packet analysis to include:
- HTTP Headers & Status codes
- SMTP Traffic & Status codes
- FTP Traffic & Status Codes
- DNS Queries
- PKI Certificate Exchange
- Bachelor of Science Degree with a major in Computer Science/Computer Engineering, Engineering, Science, or
- Industry certifications, or
- Related field or equivalent combination of education and experience.
Please submit your resume here.