Upstream Security is looking for a senior Vehicle SOC (VSOC) analyst to address potential vehicle security incidents, evaluate incidents identified by Tier 1 analysts, and create and implement, together with customers, a strategy for containment and recovery.
The senior VSOC analyst will use threat intelligence, previous similar attack vectors, and insights from internal research teams to pinpoint affected assets, the type of attack, and the extent of the attack. The senior VSOC analyst will be responsible for playbook creation and maintenance and will ensure that the correct training is in place so that team members can implement procedures and policies.
The senior VSOC analyst will act as the vehicle security focal point for managed services for customers and troubleshooting of real-time potential security alerts.
The position is full-time based in Michigan / Metro Detroit
- Security guru - lead and manage Upstream’s Security Operations
- Primarily responsible for security event monitoring, management, and response
- Be a thought leader in security engineering and operations delivery - driving automation, analytics, and advanced threat analysis
- Oversee technical delivery, assess and continually improve output and ensure that processes are developed and adhered to drive operational excellence
- Provide administrative direction and support for daily operational activities
- Participate in business reviews with partners and customers
- Benchmark, analyze, report on, and make recommendations for the improvement and growth of the Next Generation security infrastructure and systems
- Establish operational foundations, defining metrics and KPIs to drive governance, quality, and efficiency. Influence and improve existing processes through innovation and operational change
- Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
- Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives
- Revise and develop processes to strengthen the current Security Operations Framework, review policies and highlight the challenges in managing SLAs
- Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring
- Responsible for integration of standard and non-standard logs in SIEM
- Creation of reports, dashboards, metrics for SOC operations and presentation to senior management
- Proficient in Incident Management and Response
- Experience in creation of playbooks
- Experience in security device management and SIEM (Splunk, Qradar, Sentinel)
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
- Familiarity with malware techniques and attack techniques (e.g. code injection, DGA, hooks, etc.)
- Strong troubleshooting and problem-solving skills
- Knowledge of applications, databases, middleware to address security threats
- Proficient in preparation of reports, dashboards, and documentation
- Excellent communication and leadership skills
- Ability to handle high pressure situations with key stakeholders
- Excellent interpersonal skills, positive attitude and outstanding customer approach
- Ability to take initiative and adapt
- Experience in performing vendor management