Security Operations Center (SOC) Analyst (Level 1-3, 1st Shift) Blue Cross Blue Shield of Arizona 108 reviews - Phoenix, AZ The SOC Analyst is part of team that provides 24x7 security monitoring and incident handling. This includes monitoring, reporting, coordination and escalation, where applicable, of events and tracking. The SOC Analyst is responsible for providing effective security monitoring and incident response through triage, investigation, communication, and reporting. Perform real-time log analysis to provide network and data security. Evaluates the type and severity of security events by making use of packet analyses, and in-depth understanding of exploits and vulnerabilities. Work in a team environment and monitor the health and wellness of network and security devices within the SOC. Level 1 - Performs job functions under close supervision or peer review Collaborate with IIS engineering staff to ensure effective and reliable operation of security software and systems for fulfilling business objectives and processes using a varied and evolving toolset. Work in partnership with other development, infrastructure and IIS engineering teams to recommend ways to minimize or remediate vulnerabilities. Provide analysis and trending of security log data from a large number of heterogeneous security devices Provide Incident Response (IR) support when analysis confirms actionable incident Investigate, document, and report on information security issues and emerging trend Integrate and share information with other analysts and other teams The role is responsible for assessing and maintaining the IT security posture of BCBSAZ by applying data/information collected from to security and other monitoring tools to BCBSAZs enterprise Research, analyze, track and resolve, often in partnership with other IT teams, security alerts, notifications and incidents. Perform/assist with security audits and processes in accordance with broader IT and corporate strategies. Assist/coordinate and perform tests for modified and new systems. Monitor and test system behaviors; prepare and deliver system performance statistics and reports. Participate in a variety of security related projects as technical or educational resource Review and analyze violation reporting with follow-up as necessary. Other duties as assigned Level 2 - Performs job functions with general supervision Evaluate security risk assessments of new systems and upgrades to determine impact to information security Weigh business needs against security concerns and articulate issues to management. Participate in addressing on-going security needs as part of system/software development processes. Facilitate and/or create new procedures and processes that support advancing technologies or capabilities. Evaluate high-level project information and assess project components to forecast work effort required Provide threat and vulnerability analysis as well as security advisory services Identify opportunities to improve procedures and processes that support the adoption of electronic capabilities Participate or leads small to medium scoped projects Level 3 - Performs job functions with minimal supervision Act in leadership role in guiding security incident response efforts as they occur. Serve as primary operational contact for internal / external customers when needed or in absence of Manager Ensure Service Level Agreements between department and operational or technical areas are met Provide peer-level review and mentoring to level 1 and 2 Participate and/or lead large- or complex-technical projects Lead, develop and mentor staff by providing opportunities for growth through delegation, training, and assignment to various project teams Inform the manager of any issues impacting the efficient and effective performance of the department including system, resource, and informational barriers; Provides timely feedback to team member on performance Assist the manager in the day-to-day operations of the department ALL LEVELS Each progressive level includes the ability to perform the essential functions of any lower levels and mentor employees in those levels. The position requires a full-time work schedule. Full-time is defined as working at least 40 hours per week, plus any additional hours as requested or as needed to meet business requirements. Perform all other duties as assigned. Participate in on-call rotation Employment Requirements REQUIRED QUALIFICATIONS Required Work Experience Level 1 Level 2 Level 3 3 years 4 years 6 years Experience in information technology or computer systems 1 year 3 years 5 years Experience in SOC or comparable InfoSec position 1 year 2 years Experience in project management Required Education High-School Diploma or GED in general field of study (All Levels) Required Licenses N/A Required Certifications N/A PREFERRED QUALIFICATIONS Preferred Work Experience 5 - 15 years of experiences of supporting enterprise system solutions 3 - 5 years of experience working in a SOC 3 - 5 years of experience supporting high level productions system environments with security emphasis Preferred Education Bachelors Degree in Computer Science, Information Systems, Business, or related field (All Levels) Preferred Licenses N/A Preferred Certifications SANS GIAC Certified Enterprise Defender (GCED), Incident Handler (GCID), Forensic Analyst (GCFA) , ISC2 Certified Cyber Forensics Professional (CCFP), EC-Council Certified Security Analyst (ECSA), Certified Network Defender (CND), Certified Information Systems Security Professional (CISSP). Level 2 -one certification, Level 3 - two certifications, Level 4 - three or more. REQUIRED COMPETENCIES Required Job Skills (Applies to All Levels) Experience in the use of - IPS/IDS tool(s), Antivirus Software, Web Filtering Software, Familiarity with attack methodologies (identifying and remediation), and familiarity with Security Domains and Strategies. The ability to work across team boundaries to help secure the compute environment by designing system configuration; defining, documenting, and enforcing system security standards. The role requires a knowledge of cyber security fundamentals as applied at an enterprise level. Maximizes system / application security by monitoring application, network and generalized system events; researching system / application events and patterns; collaborating with supporting IT server, network, storage, DBA and development personnel. Enforcing policies; defining and monitoring standards and methodologies, often in collaboration with other IT teams. Updates job knowledge by participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations. Accomplishes information systems and organization mission by completing related results as needed. Reporting system and application operational status by gathering, prioritizing information; managing projects Required Professional Competencies (Applies to All Levels) Strong analytical skills to support independent and effective decisions Ability to prioritize tasks and work with multiple priorities, sometimes under limited time constraints. Perserverance in the face of resistance or setbacks. Effective interpersonal skills and ability to maintain positive working relationship with others. Verbal and written communication skills and the ability to interact professionally with a diverse group, executives, managers, and subject matter experts. Systems research and analysis. Ability to write and present information security training documentation Demonstrate the ability to stay current on global threats and vulnerabilities. Knowledge of business requirements development and user acceptance testing. Maintain confidentiality and privacy Analytical knowledge necessary to generate reports based on available data and then make decisions based on reported data Required Leadership Experience and Competencies Ability to build effective working relationships with a diverse team in an ever-changing environment Facilitate and resolve customer requests and inquiries for all levels of management within the Corporation PREFERRED COMPETENCIES Preferred Job Skills (Applies to All Levels) Strong knowledge, including hands-on experience with a variety of security monitoring and analytical tools. Excellent knowledge of systems monitoring, monitoring concepts, monitoring implementation and reporting. Scripting/coding skills Ability to perform data analysis reading, aggregating and interpreting log data from multiple tool sets.Advanced skill in use of office equipment, including copiers, fax machines, scanner and telephones Advanced experience with NIST Standards, ISO 27002/BS7799 and COBIT. Advanced knowledge of Microsoft Applications and Suites, Windows Server, SharePoint, and Microsoft SQL databases. Preferred Professional Competencies (Applies to All Levels) Advanced systems research and analysis expertise Ability to build lesson plans and deliver lessons to junior team members. Solid project management skills Solid technical ability and problem solving skills Preferred Leadership Experience and Competencies (Applies to All Levels) Mentor junior information security members on the concepts of information security 9 hours ago - save job - original job Apply On Company Site Other jobs you may like Security Analyst - Internal Control Testing TierPM - Phoenix, AZ 7 days ago Easily apply Access Management Security Analyst Western Alliance Bank - Phoenix, AZ 12 days ago Tier 1 Security Operations Center (SOC) Analy... General Dynamics Mission Systems - Scottsdale, AZ 13 days ago Security Analyst I U-Haul - Phoenix, AZ 8 days ago * Security Operation Center jobs in Phoenix, AZ * Security Operation Center salaries in Phoenix, AZ Blue Cross Blue Shield of Arizona 108 reviews Let employers find you Thousands of employers search for candidates on Indeed Upload Your Resume