<p>Kforce has a client in Orlando, FL that is seeking a SOC Tier II-III. As a member of the professional staff, this person contributes general knowledge and skill in a discipline area (e.g. Accounting, Finance, Human Resources, Information Resources, Operations Planning & Support, Sales & Marketing) to support team and/or department objectives. Generally, the SOC works under limited supervision, but within established guidelines, producing and analyzing more complex business information to assist in the decision-making process.</p> <p>Responsibilities:</p> <ul> <li>Supporting incident response activities leveraging expertise to monitor and analyze security events, investigate incidents, and provide advanced threat detection and response </li><li>Collaborating closely with other SOC analysts and security team members to triage and escalate security incidents as necessary, ensuring timely resolution and minimizing impacts </li><li>Fine-tuning detection mechanisms, developing playbooks, and conducting thorough forensic analysis to identify root causes and mitigate future risks </li><li>Contributes to continuous improvement initiatives by providing insights and recommendations based on findings; A proactive approach and technical proficiency are crucial in safeguarding company systems and data against evolving cyber threats </li><li>Responds to, solves and makes decisions on more complex/non-routine business requests with limited to moderate risk </li></ul> <p>Assists more senior associates in achieving business results by</p> <ul> <li>Identifying opportunities to enhance the effectiveness of business processes </li><li>Participating in setting department operating plans </li><li>Achieving results against budget within scope of responsibility </li><li>Demonstrates an awareness of personal strengths and areas for improvement and acts independently to improve and increase skills and knowledgeCertifications Preferred: </li><li>Splunk Core Certified User </li><li>Splunk Certified Cybersecurity Defense Analyst </li><li>Certified Cyber Threat Hunter (CCTH) </li><li>GIAC Certified Intrusion Analyst (GCIA) </li><li>Certified Ethical Hacker (CEH) </li><li>3-5 years of experience in cyber security field </li><li>1+ years of experience in a Threat Intelligence or Threat Hunter role </li><li>Analytical and Strategic Thinking skills </li><li>Exceptional analytical skills to interpret complex data and identify sophisticated threats </li><li>Basic understanding of cyber threat hunting </li><li>Basic understanding of open-source intelligence (OSINT), industry reports, and internal data </li><li>Experience with one or more of the following tools: Email/Phishing, DLP, IDS/IPS and/or, WAF </li><li>Knowledgeable in security incident response process, network forensics and host-based forensics </li><li>Good Knowledge of EDR tools such as CrowdStrike Falcon, Carbon Black, or similar </li><li>SIEM Platforms: In-depth experience with platforms like Splunk, QRadar, or Sentinel </li><li>Experience in creating logging standards that align with various compliance and best practice requirements to include (but not limited to) Sarbanes Oxley, PCI, and the Mitre Att&ck framework </li><li>Forensic Tools: Basic understanding of forensic tools such as EnCase, FTK, or SIFT Workstation </li><li>Interpersonal skills </li></ul> <p>Experience with</p> <ul> <li>Cyber Frameworks </li><li>DLP </li><li>Splunk </li><li>Carbon Black or any EDR is fine (moving away from this) </li><li>Crowd Strike </li><li>MS EDR </li><li>Any other top Gartner Quad competitors </li><li>SentinelOne </li></ul>