United Technologies Corporation Senior Security Operations Center Analyst in Farmington, Connecticut

Job ID: 73147BR

City: Farmington

State: Connecticut

Country: United States

Category: Information Technology

Job Type: Full Time

Description:

United Technologies Corporate headquarters is seeking an experienced and motivated individual to join the Corporate Digital staff to support the Security Operations group.

The Security Operations Center (SOC) Senior Analyst Position is responsible for helping to safeguard the company's assets, intellectual property, and computer systems in support of the company's business objectives. The applicant will be responsible for detecting cyber attacks, and escalating or remediating as necessary. The SOC Analyst works among a team of skilled analysts to address complex or difficult problems as needed within a Cyber Security Fusion Center environment.

The focus of this role is working within the UTC Cybersecurity department reporting to the Associate Director Cyber Security and Risk Management and Lead. Job responsibilities are:

  • Collects, analyses and enriches event information and performs threat or target analysis duties.

  • Interprets, analyses, and reports all events and anomalies in accordance with Computer Network Directives, including initiating, responding, and reporting discovered events.

  • Manages and executes multi-level responses and addresses reported or detected incidents.

  • Provides reporting and metrics around security monitoring by designing dashboards for asset owners and management consumption.

  • Coordinates and distributes directives, vulnerability, and threat advisories to identified consumers.

  • Develops focused reporting and briefings for advanced cyber threats and activity to various teams and leaders.

  • Ability to do deep dive investigations on complex incidents.

  • Improving the service level for security operations and monitoring. Creating and maintaining system documentation for security event processing.

  • Acts as a Subject Matter Expert for analysis functions, providing support on more involved cases and guiding the activity of other analysts through collaboration; acts as the lead coordinator for the SOC's response to individual information security incidents.

  • Acts as an SME and trainer to T1 personnel as needed. Mentors security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks in support of technologies managed by the Security Operations Center.

  • Teach other SOC Analysts about both traditional and unconventional ways to detect, analyze, and mitigate security incidents and other anomalies

  • Regularly recommend new SOC practices and approaches to address program improvement

  • Ensures security logs are generated, collected, correlated, and monitored.

  • Performs analysis duties, including:

  • Development of Data Dictionaries for log sources to confirm which fields and values are needed or useful for Security Monitoring

  • Review of available logs to confirm there are adequate quantities and content to usefully provide Security Monitoring

  • Review current tooling to identify incremental monitoring opportunities, and communicate needs to engineering teams that support SOC

  • Triage SIEM alerts to determine False Positive, Incident, or Technology Misconfiguration

  • Perform research at the request of Incident Response teams

  • Perform case management activities to ensure successful BAU Security Monitoring Operations, including:

  • Documenting case activities in the system of record

  • Documenting current case notes sufficient for effective shift handover, as well as reviewing current status via phone call or in person

  • Engaging in all forms of communications (e.g. phone calls, instant-messaging, web page updates) to ensure cases are efficiently investigated by all approved parties, regardless of what company, department, or team they are a member of.

  • Author Standard Operating Procedures (SOPs).

  • Creating incident detection “use case” needs, logic, and implementation methods

  • Creating “use case” alert triage workflows

  • Training documentation

Qualification:

Minimum Qualifications

  • 3-5 years of computer and network security experience preferred

  • Thorough understanding of fundamental security and network concepts (operating systems, IPS/IDS, TCP/IP, ports, etc.)

  • Demonstrated analytic expertise – to include ability to think critically and logically in a dynamic, high-pressure, fast-paced environment

  • Excellent written and oral communication skills

Desired Qualifications

  • Security certifications (e.g. Security+, GCIA, GCIH, CISSP, CEH, OSCP, etc.)

  • Experience with Microsoft and Unix-based operating systems

  • Experience managing and tracking vulnerability cases

  • Experience supporting network security investigations

Education:

  • Bachelor’s Degree in Computer Science, Computer Engineering, Information Security, or related security discipline(s) or Master’s Degree preferred or not required

United Technologies Corporation is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.
