
Security Operations Center (SOC) Analyst

Looking to hire your next Security Operations Center (SOC) Analyst? Here’s a full job description template to use as a guide.

About Vintti

Vintti is a staffing agency dedicated to boosting the economic efficiency of US companies. We provide access to a diverse range of skilled Latin American professionals, allowing businesses to build robust teams without the traditional high costs associated with domestic hiring. Our model supports companies in maximizing their resources, driving innovation, and achieving sustainable growth.

Description

A Security Operations Center (SOC) Analyst is a critical role responsible for monitoring and analyzing an organization's security infrastructure to protect against cyber threats. Utilizing a range of tools and technologies, the SOC Analyst detects suspicious activities, responds to security incidents, and mitigates risks. This role involves constant vigilance, timely reporting, and collaborating with other IT and security teams to ensure the organization's data and systems remain secure. SOC Analysts play a key role in maintaining the integrity and confidentiality of sensitive information, safeguarding the organization from potential breaches and vulnerabilities.

Requirements

- Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related field.
- Minimum of 2-4 years of experience in a SOC or similar security role.
- Proficiency with Security Information and Event Management (SIEM) tools.
- Strong knowledge of IDS/IPS, firewalls, and endpoint protection systems.
- Experience with incident response practices and procedures.
- Familiarity with malware analysis techniques and tools.
- Understanding of vulnerability assessment and management.
- Competency in conducting forensic analysis and investigations.
- Proficiency in analyzing system and network logs.
- Knowledge of threat hunting methodologies.
- Strong understanding of current cybersecurity threats, vulnerabilities, and mitigation techniques.
- Experience developing and following standard operating procedures (SOPs) for incident response.
- Ability to create detailed incident documentation and reporting.
- Experience working with compliance and regulatory standards.
- Strong analytical and problem-solving skills.
- Excellent communication and collaboration skills.
- Ability to work in a fast-paced, high-pressure environment.
- Willingness to participate in 24/7 shift rotations.
- Industry certifications such as CISSP, CEH, GCIH, GCIA, or similar.
- Experience with scripting languages (e.g., Python, PowerShell) is a plus.
- Strong attention to detail and a proactive approach to security.
- Ability to handle confidential and sensitive information with integrity.

Responsibilities

- Monitor and analyze security events from SIEM, IDS/IPS, firewalls, and endpoint protection systems.
- Investigate and respond to alerts, performing triage and assessing severity and impact.
- Conduct real-time analysis and correlation of security events to detect threats and vulnerabilities.
- Perform initial incident response actions, including containment, eradication, and recovery.
- Document findings, actions, and resolution status in the incident management system.
- Collaborate with IT teams and external parties, including law enforcement, during incidents.
- Execute vulnerability scans and assess system and network security posture.
- Develop and implement standard operating procedures (SOPs) for incident response.
- Research current security threats and vulnerabilities and update mitigation techniques.
- Participate in threat hunting to proactively identify and mitigate security risks.
- Analyze malware samples and use sandboxing techniques to understand behavior.
- Review and analyze system and network logs for indicators of compromise (IOCs) and abnormal activities.
- Escalate significant incidents to higher-level analysts or relevant stakeholders.
- Engage in continuous improvement of incident detection and response processes.
- Conduct phishing simulations and awareness training for employees.
- Provide regular reports and metrics on security events, incidents, and trends.
- Assist in forensic analysis and investigation of security breaches, preserving evidence.
- Support compliance and regulatory audits by providing documentation and evidence.
- Ensure SOC tools and technologies are operational and updated, performing maintenance and updates.
- Participate in 24/7 monitoring and response through shift rotations.

Ideal Candidate

The ideal candidate for the Security Operations Center (SOC) Analyst role is an inquisitive and curious individual with a strong ethical foundation and unwavering integrity. They possess a proactive and forward-thinking approach to cybersecurity, underpinned by a Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field, and a minimum of 2-4 years of experience in a SOC or similar security role. This candidate is proficient with SIEM tools, IDS/IPS, firewalls, and endpoint protection systems, and has hands-on experience with incident response practices and procedures. They exhibit a thorough understanding of current cybersecurity threats, vulnerabilities, and state-of-the-art mitigation techniques, complemented by a solid grasp of vulnerability assessment, malware analysis, forensic investigations, threat hunting methodologies, and log analysis. Detail-oriented and analytical, they effectively create and follow SOPs, document incidents comprehensively, and communicate findings clearly. The candidate excels under pressure, is adaptable for 24/7 shift rotations, and possesses strong problem-solving skills, critical thinking abilities, and a collaborative, team-oriented mindset. Additionally, having industry certifications such as CISSP, CEH, GCIH, and GCIA, and familiarity with scripting languages like Python or PowerShell, further elevates their profile. Their commitment to continuous learning, combined with the ability to handle sensitive information discreetly, shows their proactive and resilient nature towards evolving cybersecurity challenges.

On a typical day, you will...

- Monitor and analyze security events from various sources, including SIEM, IDS/IPS, firewalls, and endpoint protection systems.
- Investigate and respond to alerts, performing triage, and determining the severity and impact of security incidents.
- Conduct real-time analysis and correlation of incoming security events to identify potential threats and vulnerabilities.
- Perform initial incident response, including containment, eradication, and recovery activities.
- Create and maintain incident tickets in the incident management system, documenting findings, actions taken, and resolution status.
- Collaborate with other IT teams and external parties, such as law enforcement, as necessary during incident response.
- Execute vulnerability scans and assess the security posture of systems and networks.
- Develop, revise, and implement standard operating procedures (SOPs) and documentation for security incident response.
- Research and remain up-to-date on current security threats, vulnerabilities, and mitigation techniques.
- Participate in threat hunting activities to proactively identify and mitigate potential security risks.
- Analyze malware samples and execute sandboxing techniques to understand behavior and impact.
- Review and analyze system and network logs to identify indicators of compromise (IOCs) and abnormal activities.
- Escalate significant incidents to higher-level SOC analysts or other relevant stakeholders as necessary.
- Engage in continuous improvement efforts, reviewing and updating incident detection and response processes.
- Conduct phishing simulation and awareness training to educate employees on cybersecurity best practices.
- Provide regular reports and metrics on security events, incidents, and trends to management.
- Assist in forensic analysis and investigation of security breaches, collecting and preserving evidence.
- Support compliance and regulatory audits by providing necessary documentation and evidential artifacts.
- Ensure the SOC's tools and technologies are operational and up-to-date, performing routine maintenance and updates.
- Participate in shift rotations to provide 24/7 monitoring and response coverage, as required.

What we are looking for

- Inquisitive and curious mindset
- Strong ethical standards and integrity
- Proactive and forward-thinking approach
- Excellent problem-solving capabilities
- Attention to detail and thoroughness
- High degree of adaptability and flexibility
- Collaborative and team-oriented attitude
- Strong communication skills, both verbal and written
- Ability to remain calm and composed under pressure
- Persistent and tenacious in identifying and resolving security issues
- High level of initiative and self-motivation
- Eagerness to continuously learn and improve
- Strong critical thinking and analytical abilities
- Technologically savvy with up-to-date knowledge of cybersecurity trends
- Resilient against stress and able to manage time effectively
- Good judgment and decision-making capabilities
- Empathy and understanding for user perspectives on security policies
- Ability to handle sensitive information discreetly and confidentially

What you can expect (benefits)

- Competitive salary range
- Comprehensive health, dental, and vision insurance plans
- Retirement savings plan with employer matching
- Generous paid time off (PTO) and holidays
- Training and professional development opportunities
- Tuition reimbursement program
- Flexible work hours and remote work options
- Wellness programs and gym membership discounts
- Employee assistance program (EAP) for mental health support
- Career growth and advancement paths
- Access to cutting-edge security technologies and tools
- Company-sponsored certifications and educational courses
- Performance-based bonuses and incentives
- Regular team-building activities and social events
- Employee recognition and reward programs
- Life and disability insurance coverage
- Commuter benefits and transportation reimbursement
- Collaborative, inclusive, and diverse work environment
- Onsite amenities such as a cafeteria and relaxation spaces
- Support for community service and volunteer activities
