Caterpillar Inc. is a leading manufacturer of construction and mining equipment, committed to building a sustainable world. They are seeking a Security Operations Center Analyst to monitor security alerts, investigate incidents, and collaborate with IT and cybersecurity teams to remediate threats.
Monitor security information and event management (SIEM) systems for security alerts
Investigate alerts with various security tools
Analyze and triage security alerts, escalating as necessary
Collaborate with IT and cybersecurity teams to contain and remediate threats
Monitor the phishing inbox, and investigate and respond to all reported emails
Inspect file attachments and links for potential malware
Investigate network alerts through the IDS tool
Ensure accurate case notes are recorded
Document incident findings, actions taken, and lessons learned
Qualifications
Required
SOC or equivalent experience
Experience within IT (Information Technology)
Experience with SIEM or similar solutions (Splunk, LogScale, etc.)
Some proficiency in PowerShell, Python, SQL
Proven critical thinking skills and ability to solve problems
Proven ability to learn new tools, processes, and technical concepts quickly
Knowledge of incident handling, the MITRE ATT&CK framework, and the Cyber Security Kill Chain
Understanding of Windows Authentication protocols, network technologies, Explicit Proxy, IDS, EDR, UEBA, and Sandboxing
Experience with Cybersecurity report writing
Understanding of or experience in penetration testing
Knowledge of developing cybersecurity policies, standards, and procedures; ability to develop and communicate policies, standards and procedures that guide interactions with customers
Knowledge of the tools and processes for maintaining endpoint security; ability to design and implement security programs to prevent data loss and access intrusion from external sources
Strong experience in enterprise tool support (AV, EDR, vulnerability scanner, SCCM, etc.)
Knowledge of technologies and technology-based solutions dealing with information security issues; ability to protect information security across the organization using encryption technologies and appropriate security software
Knowledge of IT security policies, standards, and procedures; ability to utilize a variety of administrative skill sets and technical knowledge to ensure cyber security compliance
Knowledge of tools, methods, and techniques of requirement analysis; ability to elicit, analyze and record required business functionality and non-functionality requirements to ensure the success of a system or software development project
Knowledge of the features and facilities of systems; ability to integrate and communicate among applications, databases, and technology platforms
Knowledge of technical writing; ability to write technical documents such as manuals, reports, guidelines or documents on standards, processes, and applications
Knowledge of antivirus/malware attacks and the defenses used; ability to defend and prevent electronic threats, theft, and attacks
Bachelor's degree in a relevant field or equivalent experience