About us: RKON is an ISO 27001 and AICPA SOC 2 Type II certified company that specializes in providing IT migration and transformation services for the mergers and acquisition market. RKON is looking for ambitious professionals to join our award-winning team. We have a proven track record for finding and developing top talent with people that believe they can achieve something greater. We also pride ourselves on fostering an environment where initiative, creative thinking, and collaboration are encouraged and rewarded—a key reason for the extraordinary level of service we deliver to our customers.

About the position: RKON is seeking a Cyber Security Analyst to work on the client-facing Security Operations Center (SOC) – Assurance and Response Team. This position requires a motivated fast learner, who is able to work within key vulnerability and security information event management functions to identify, analyze, and remediate potential threats to the environment. The candidate will require security industry knowledge that evolves with current and emerging vulnerabilities and threats, as well as an ongoing understanding of key business and technological processes. This position will report to the SOC Lead Security Analyst.

In this role you will perform key client-facing managed security services activities including identification of assets, scanning for infrastructure and application vulnerabilities, and security monitoring. In addition, you will perform investigations and conduct analyses of events in order to thwart internal and external threats to the environment. You will collaborate on an ongoing basis with clients’ key contacts and stakeholders to support detection, triage, incident analysis, containment, remediation, and reporting of vulnerabilities, events, and escalated incidents while coordinating business priorities, emerging and actual threats, and best practices to ensure confidentiality, integrity, and availability of the client’s information assets.

You will be responsible for the following:

• Assist in establishing a mature and optimized Security Operations Center discipline to support managed security services focused on client-facing vulnerability and security information event management engagements.
• Perform threat hunts that target known vulnerabilities, threats, and other attack vectors.
• Assist in security console tuning.
• Assist in development and knowledge sharing within the team.
• Act as an internal information security consultant to the business and technology units, advising on risks, threats, and control practices related to SOC - Assurance and Response.
• Conduct operations surrounding cyber security incident response technologies including network logging and forensics, security information and event management tools, security analytics platforms, log search technologies, and host-based forensics as applicable.
• Collaborate and serve as liaison to key security vendor solution partners.
• Collaborate with RKON and client technical leads and Subject Matter Experts including Engineering, Operations, Service Desk, Applications, and client key stakeholders on matters related to security scanning and monitoring across a global footprint.
• Detect, respond, mitigate, and report on cyber threats/incidents that may impact the environment.
• Utilize analytics to identify potential vulnerabilities and threats to the environment.
• Participate in security incidents and act as the technical Subject Matter Expert during significant security incidents.
• Conduct scanning and monitoring activities to provide in depth visibility into potential known and unknown vulnerabilities and threats that may pose risk to the RKON and client environments.
• Resolve problems independently and understand escalation procedures.
• Adhere to RKON company and client policies, procedures, and security practices.
• Document actions in cases to effectively communicate information to internal and external stakeholders as well as for historical retrieval.
• Respond to clients in a timely manner (within documented SLA) with thorough and concise analysis and recommended actions.
• Analyze and respond to security threats from Firewall (FW), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Antivirus (AV), Endpoint Detection and Response (EDR), Network Detection and Response (NDR), Email Security, Cloud Security, and other security threat data sources.
• Identify and remediate infrastructure and application vulnerabilities identified in continuous scanning exercises and assist with risk prioritization.

Required Technical and Professional Expertise

• Endpoint Protection Experience Required
• Industry related certifications: Security+, CEH, GSEC, etc.
• Strong interpersonal and organizational skills
• Strong business acumen including written and verbal communication skills
• Critical thinking and problem-solving skills
• Desire to work in SOC, Vulnerability Management, Security Information Event Management, Threat Hunt, or Threat Intel team on a long-term basis
• Experience with Microsoft Sentinel, Splunk or other industry-leading Security Information Event Management technologies
• Experience with Vulnerability Management technologies
• Experience with Microsoft Defender for Endpoint and other Defender Suites, CrowdStrike, Sentinel One, or other industry-leading Endpoint Protection Platforms

Preferred Technical and Professional Expertise

• 2+ years’ experience in Security Operations (e.g. SOC, Forensics, Cloud Security, Network Security, Threat Hunting, etc.)
• Microsoft SC-100, SC-200, AZ-500
• Experience with Cloud Security configuration best practices
• Experience with scripting and automation (e.g. python, powershell, etc)
• Working knowledge of HIPAA, PCI-DSS, and NIST frameworks

RKON does not accept unsolicited resumes from staffing agencies, search firms or any third parties.