Cyber SOC Analyst / Engineer | Schlumberger

Job Details

Cyber SOC Analyst / Engineer

Houston - United States

Schlumberger IT Operations is looking for an IT Security Operations Center Analyst to join the newly created Houston SOC Team. The IT Security Operations Center Analyst position requires information gathering, analytics aptitude, problem-solving skills and team spirit to minimize and/or neutralize risk. IT Security Analysts are on the "front lines" of security operations. Incumbents constantly monitor the environment for signs of trouble and are often the first point of contact when a high-risk alert is issued, or a suspected attack begins to affect business operations.

Responsibilities:

The candidate may work on any of the following:

  • Conducts network monitoring and intrusion detection analysis using various computer network defense tools, such as intrusion detection/prevention systems (IDS/IPS), firewalls, host-based security systems (HBSS), etc.
  • Correlates network activity across networks to identify trends of unauthorized use
  • Researches emerging threats and vulnerabilities to aid in the identification of incidents
  • Analyze the results of the monitoring solutions, assess and correlate the output using automated systems. Conduct triage, event correlation, classification and analysis of these events such that incidents are investigated and logged or followed up using the existing information risk incident management processes
  • Provide proactive feedback which will enable improvement of the current monitoring rules, based on information and knowledge/experience from Schlumberger and industry best practices.
  • Capable of working unsupervised, but able to interact and give direction to business and IT teams in line with established corporate security policies and processes.
  • Develops and maintains constructive and cooperative working relationships with team members
  • Demonstrates the ability to drive for creative, innovative ways to solve problems or minimize risk
  • Consultative skills and ability to work cross-functionally
  • Focused and results oriented
  • Ability to react quickly, decisively and deliberately in high-stress, high-impact situations
  • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one

L1 SOC / CyberSOC Analyst is expected to:

  • Demonstrate at least 6 of the skills listed in the “Technical Skill” section
  • Daily review of SIEM to monitor activities within the company environments
  • Follow existing incident playbooks
  • Contribute to the improvement and creation of playbooks
  • Learn new skills across all technical domains
  • Use public cyber security resources (e.g. sites/blogs/podcasts) to stay up to date with latest news / threats
  • Ability to read and understand additional languages is a strong advantage
  • Show a commitment to progress towards L2
  • Strong background in programming and in network/system administration

L2 SOC Analyst / CyberSOC Engineer is expected to:

  • All skills required of an L1 SOC analyst
  • In-depth knowledge of at least 10 of the skills listed in the “Technical Skill” section
  • Must be able to research, develop, and communicate solutions to detected security incidents in a timely manner
  • Use strong TCP/IP networking skills to perform network analysis to isolate and diagnose potential threats and anomalous network behavior
  • Look after main SOC KPIs and create the performance reports
  • Mentor L1 analysts

Qualifications & Experience

  • Bachelor’s Degree in Cyber Security
  • Or Bachelor’s Degree in Computer Science, Management Information Technology, or a closely related field AND Cyber Security Experience or certified coursework (e.g. SANS, GIAC, ISACS, etc.)
  • Information Security Experience:
    • For L1: 1-2 years (or appropriate internships for at least three months if fresh out of college)
    • For L2: 3-5 years (IR or SOC experience highly desired)
  • Must be able to work flexible hours including early/late shifts, weekends, and public holidays
  • Fluent in English
  • Good communication skills
  • Must possess good work habits, a strong work ethic, and be able to adhere to company work hours, policies, and standard business etiquette
  • Keen to continue self-development
  • Candidates must be able to legally work and reside in the US, without sponsorship

Certifications (1 or more of the following):

Current (not future or planned) certifications are preferable

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • SANS GIAC certification in Cyber Defense, Penetration Testing, or Incident Response and Forensics
  • EC-Council certification: CEH, ECSA, CHFI, CND
  • Cisco Certified Network Associate (CCNA)

Technical Skills:

  • Information Security tools & packet analysis tools (e.g. CB, Wireshark)
  • Intrusion Detection (e.g. IDS/IPS tools)
  • Firewall (e.g. Palo Alto Networks)
  • Security Information and Event Management (SIEM) – Splunk is preferred
  • Strong Windows and Linux administration experience
  • Programming/Scripting tools (e.g. Python, Bash)
  • Internet Protocols and Services (e.g. TCP/IP, FTP, HTTPS, SSH)
  • Networking infrastructure (Cisco is preferred)
  • Vulnerability Testing tools (e.g. Nessus, Kali)
  • Network scanning tools (e.g. NMAP)
  • Awareness of SCADA / IIoT technologies
  • Log analysis / Windows event analysis
  • Network and Host forensics
  • Malware analysis and memory analysis
  • Antivirus solutions, virus outbreak management and the ability to differentiate virus activity from directed attack patterns
  • SharePoint and PowerBI experience is an advantage
  • Strong troubleshooting and root cause analysis skills

 

Schlumberger is an equal employment opportunity employer. Qualified applicants are considered without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or other characteristics protected by law.

Schlumberger is a VEVRAA Federal Contractor – priority referral Protected Veterans requested.

 
