Hybrid SOC Analyst III Farmington Hills MI only chez Comerica
Comerica · Farmington Hills, États-Unis d'Amérique · Hybrid
- Professional
- Bureau à Farmington Hills
The Security Operations Center is responsible for providing 24/7, 365 monitoring, detection, and response capabilities for Comerica. This includes event, cloud security, and DLP monitoring, as well as a role in the incident response process. The Tier 3 SOC Analyst serves as an escalation point for Tier 1 and Tier 2 Analysts within the SOC and provides advanced analytical and investigation support for complex incidents to assist in containment and mitigation of threats.
The Tier 3 Security Operation Center (SOC) Analyst is responsible for providing oversight during day-to-day operational tasks for Tier 1 and 2 analysts within the SOC, as well as advanced technical investigation capabilities to respond to security incidents. The analyst will serve as the escalation point for all SOC analysts, and as an interface with the Advanced Threat Hunt and Intelligence team for the SOC.
Position Responsibilities:
Security Operations Center (SOC) Analysis
Provides advanced technical investigation and forensics capabilities across malware, phishing, cloud access security brokers (CASB), network, and configuration compliance domains. Responds to and mitigates security incidents based on defined process and procedures to contain and eradicate threats. Resolves or escalates investigations to CSIRT as required, in coordination with the SOC Manager. Interfaces with the threat hunting and threat intelligence teams to build proactive searches / signatures in the SIEM or security application to enhance detection capabilities. Performs sampled reviews of investigated incidents by Tier 1/Tier 2 Analysts to improve ticket quality and provides feedback to coach junior Analysts.
Documentation and Support
Participates in the development / enhancement of process and technologies impacting the SOC and the broader Cyber Defense Operations function. Collaborates closely with the SOC Manager to develop recommendations and/or technical implementations to improve workflows within the SOC, including the use of automation and optimization of processes. Collaborates with other Engineering and Operations teams within Comerica to troubleshoot, respond, and improve detection capabilities. Handles sensitive information in accordance with the Corporate Information Protection Policy.
