Senior Vehicle SOC Analyst
ABOUT THE ROLE
Upstream Security is looking for a senior Vehicle SOC (VSOC) analyst to address potential vehicle security incidents, evaluate incidents identified by detection systems, and create and implement, together with customers, a strategy for containment and recovery.
The senior VSOC analyst will use threat intelligence, previous similar attack vectors, and insights from internal research teams to pinpoint affected assets, the type of attack, and the extent of the attack. The senior VSOC analyst will be responsible for playbook creation and maintenance and will ensure that the correct training is in place so that team members can implement procedures and policies.
The senior VSOC analyst will act as the vehicle security focal point for managed services for customers and troubleshooting of real-time potential security alerts.
The position is full-time based in Michigan / Metro Detroit
- Primarily responsible for security event monitoring, management, and response
- Provide administrative direction and support for daily operational activities
- Participate in business reviews and workshops with partners and customers
- Establish operational foundations, defining metrics and KPIs to drive governance, quality, and efficiency. Influence and improve existing processes through innovation and operational change
- Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
- Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives
- Revise and develop processes to strengthen the current Security Operations Framework, review policies and highlight the challenges in managing SLAs
- Identify threat vectors and develop use cases for security monitoring
- Fine tune detection logic and machine learning profiles
- Creation of root cause analysis, reports, dashboards, metrics for SOC operations and presentation to senior management
- Proficient in Incident Management and Response
- Experience in creation of playbooks
- Experience in security device management and SIEM (Splunk, Qradar, etc.)
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
- Familiarity with malware techniques and attack techniques (e.g. code injection, DGA, hooks, etc.)
- Familiarity with big data platforms and data analysis (e.g. SQL, python)
- Strong troubleshooting and problem-solving skills
- Knowledge of applications, databases, middleware to address security threats
- Proficient in preparation of reports, dashboards, and documentation
- Excellent communication and leadership skills
- Ability to handle high pressure situations with key stakeholders
- Excellent interpersonal skills, positive attitude and outstanding customer approach
- Ability to take initiative and adapt
- Experience in performing vendor management