The Lead Consultant, SOC Analyst's primary mission is to improve and grow ABS Group's Industrial Security Operations Center's (ISOC) monitoring and incident response capabilities. This role leads incident detection, analysis, and response operations, as well as reporting to clients and end users.
This position is responsible for ensuring Service Level Agreements (SLAs) are met when responding to digital security incidents, providing forensics and threat hunting support, and managing security analysis and OEM communications. The Lead Consultant will also help define and optimize the analytical and dashboard tools used to correlate and distribute information to clients and partners.
The Lead Consultant works with a team that performs real-time event and incident management processes, as well as OT security incident evaluation and response, following the ISOC's event management guidelines and policies. This position requires 3-5 years of cybersecurity incident response experience and OT experience related to critical infrastructure. The candidate should have experience with IT/OT security (e.g., monitoring Supervisory Control and Data Acquisition (SCADA) or Distributed Control Systems (DCS)) and customer service skills. In addition to delivery, execution, and improvement of the ISOC capabilities, the Lead Consultant might be tasked with the development and testing of various security practices and controls to meet customer or regulatory cyber security requirements.
The candidate is expected to continuously self-improve as a subject matter expert by participating in educational opportunities, reading professional literature, attending conferences, etc.
What You Will Do:
Understand modern attack techniques on applications, systems, and networks
Support efforts to respond to digital security incidents through the initial triage phase and provide support to business and IT/OT clients as they work to close identified gaps
Build and maintain close working relationships with the ISOC partners, cyber threat intelligence team, technology partners, and others to bring together a holistic view of incidents
Provide network intrusion detection expertise to support timely and effective decision making on when to declare and escalate an incident
Provide incident response support, including evidence preservation and forensics
Analyze a variety of network and host-based security appliance logs (firewall, NIDS, HIDS, syslog, EDR, antivirus, etc.) to determine the correct remediation recommendations and escalation paths for each incident
Analyze network flow data for anomalies and detect malicious network activity
Provide information regarding intrusion events, security incidents, and other threat indications
Provide technical analysis and guidance on control systems security trends and industry benchmarking
Conduct vulnerability assessments of complex, hybrid IT/OT environments
Prepare and conduct technical presentations
Identify and enhance the capabilities of the team by developing opportunities for automation
Develop and test solutions in the ABSG Cyber Lab to enhance our service and product offerings
What You Will Need:
Education and Experience
3-5 years in a security operations center with IT cyber security experience; OT/ICS cyber security implementation and OT/ICS compliance experience preferred
Bachelor's degree in Engineering, Computer Science, or Cybersecurity, or demonstrated equivalent work-related experience
Hands on SOC Threat Monitoring and Cyber Incident Response Team experience, required
Prior experience writing technical reports in English, preferred
Experience developing and delivering training, preferred
Knowledge, Skills, and Abilities
Have demonstrated experience in computer and network systems, including IT/OT security, cyber-related regulations, MITRE frameworks, and/or NIST standards
Have demonstrated CIRT, CERT, Threat Monitoring, or SOC level 2 experience
Have sound understanding of network, system, and application intrusion techniques on IT/OT infrastructure
Have a good understanding of log formats from OS, Databases, Firewalls, Applications
Have knowledge of Microsoft Sentinel, ArcSight, Splunk, and other security tool environments
Advanced Linux and Windows network knowledge
Advanced knowledge of common OT protocols (e.g., Modbus, DNP3, OPC)
Ability to analyze OT Network traffic in Wireshark
Able to interpret vulnerability assessments into actionable items for the client
Able to demonstrate proficiency in the MITRE ATT&CK framework or the Lockheed Martin Cyber Kill Chain® framework
Possess excellent presentation skills, including presentation development, numeracy and analysis skills, and advanced skills in Microsoft Word, Excel, PowerPoint, Visio, and Outlook
Possess excellent English oral and written communication skills, and strong interpersonal and collaboration skills
Work productively with little supervision under demanding deadlines
Working knowledge of the ABS Health, Safety, Quality and Environmental Management Systems
Reporting Relationships:
Reports directly to the SOC Lead and will have no direct reports.
Salary Range: $80,000-$95,000
ABOUT US
We set out more than 160 years ago to promote the security of life and property at sea and preserve the natural environment. Today, we remain true to our mission and continue to support organizations facing a rapidly evolving seascape of challenging regulations and new technologies. Through it all, we are anchored by a vision and mission that help our clients find clarity in uncertain times.
ABS is a global leader in marine and offshore classification and other innovative safety, quality, and environmental services. We're at the forefront of supporting the global energy transition at sea, the application of remote and autonomous marine systems, cutting-edge technical solutions, and many more exciting advancements. Our commitment to safety, reliability, and efficiency is ever-present, guiding our clients to safer and more efficient operations.
About Our Benefits
ABS Group proudly offers a variety of industry-leading benefits designed to enhance the life and well-being of our employees and their families. These benefits include, but are not limited to, medical insurance (PPO and HD), dental and vision insurance, Health Savings Account (HSA), Flexible Spending Account (FSA), life insurance, accidental death and dismemberment insurance, disability leave programs, parental leave program, paid holidays, and paid vacation time. The Company provides an Employee Assistance Plan (EAP) that offers additional support in personal wellness, including work-life services. ABS Group also offers a 401(k) plan with a generous company match, subject to plan requirements.
Equal Opportunity
The ABS Group of Companies is committed to the equal employment opportunity of its employees and prohibits discrimination against any employee or qualified applicant based on race, color, creed, religion, national origin, sex, gender identity, age, disability, marital status, sexual orientation, citizenship status or veteran status, or other non-work-related characteristics that may be protected under the law of the Federal Government or specific state employment laws.
Notice
ABS and Affiliated Companies (ABS) will not pay a fee to any third-party agency without a valid ABS Master Service Agreement (MSA) authorized and signed by Human Resources. Any resume, CV, application, or other forms of candidate submission provided to any employee of ABS without a valid MSA on file will be considered property of ABS, and no fee will be paid.
Other
This job description is not intended, and should not be construed, to be an all-inclusive list of responsibilities, skills, efforts, or working conditions associated with the job of the incumbent. It is intended to be an accurate reflection of the principal job elements essential for making a fair decision regarding the pay structure of the job.