SOC Analyst
Position Title: SOC Analyst - Tier 1
Crown Castle is the nation's largest provider of shared communications infrastructure: towers, small cells and fiber. It all works together to meet unprecedented demand, connecting people and communities and transforming the way we do business. Whenever you make a call, track a workout or stream music and videos, we're the ones providing the communications infrastructure that makes it all possible. From 5G and the internet of things to drones, autonomous vehicles and AR/VR, we enable the technologies that help people stay safe, connected and ready for the future. Crown Castle is a Fortune 500 company, publicly traded on the S&P 500, and one of the largest Real Estate Investment Trusts in the US, with an enterprise value of ~$100B.
Role
Under the leadership of the Manager, Security Operations Center (SOC), the SOC Analyst - Tier 1 contributes to the protection of company assets and information by monitoring security events and responding to incidents. Responsibilities include day-to-day (24x7) operations, applying analytic and technical skills with a focus on root cause analysis. The Tier 1 SOC Analyst will work collaboratively to detect and respond to information security incidents, maintain and follow procedures for security event alerting, and participate in security investigations. They will also collaborate with the SOC team to provide value-added analysis of potential threats and make mitigation recommendations. The Tier 1 SOC Analyst will maintain knowledge of the current cyber-threat landscape.
Essential Job Functions
- Perform operational 'eyes on glass' real-time monitoring and analysis of security events from multiple sources including but not limited to events from SIEM monitoring tools, network and host-based intrusion detection systems, firewall logs, system logs (Unix & Windows).
- Perform initial incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and assistance in remediation efforts.
- Responsible for initial response to security events (malware infections, unauthorized access, malicious emails, DDoS attacks) and escalating to appropriate SOC and Threat Management team members.
- Support of the Incident Response Commander (IRC) through completion of assigned IR tasks and associated analysis, reporting and documentation.
- Support threat hunting activities through completion of assigned campaign tasks and associated analysis, reporting and documentation.
- Evaluate the type, nature, and severity of security events with a range of security event analysis tools.
- Completion of Threat Management assigned tickets including triage and assignment to other Enterprise Security groups.
- Assist Threat Management Architects with security platform and tools testing.
- Execute other responsibilities as assigned by management.
CROWN CASTLE Position Description
Note: This position description is intended to describe the general nature and level of work being performed by an employee in this job. It is not an exhaustive list of all responsibilities, duties, and skills that may be necessary for this role. An employee may be required to perform duties outside of his or her normal responsibilities from time to time, as needed.
Expectations
- Individual and collaborative work done in a way that balances educated critical thinking and decision making with measured speed of implementation.
- Effective communication between teammates, manager, other members of Threat Management, Enterprise Security, Business Unit Partners, and end-users.
- Ability to influence conversations and work through building of relationships, thoughtful framing of issues, and building influence through excellent work.
- Agility to learn new skills and abilities as work within your group may change.
- Strong written and verbal communication skills with an ability to present complex information in a clear and simple format.
- A constant example of modeling Crown's B3 values. (Be Real, Be Accountable, Be an Owner)
Education/Certifications
- Bachelor's degree in Cybersecurity or comparable years' experience.
- Working towards a security certification such as CISF-GIAC Information Security Fundamentals or Security+ is a plus.
Experience/Minimum Requirements
- Understanding of network, systems and endpoint security practices, platforms, and tools
- Knowledge of cybersecurity incidents, security threats, risks, and vulnerabilities
- Authorization to work in the U.S. on a full-time, regular basis without additional sponsorship
Reports to: Manager, Security Operations Center
Impellam Group and its brands are equal-opportunity employers committed to diversity and inclusion. All qualified applicants will receive consideration without regard to race, color, religion, gender, sexual orientation, pregnancy or maternity, national origin, age, disability, veteran status, or any other factor determined to be unlawful under applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application, interview process, pre-employment activity, and the performance of crucial job functions.
If you require additional disability considerations, modifications, or adjustments, please let us know by contacting HR-InfoImpellamNA@impellam.com or by filling out this form to request accommodations.