Ascot Group
Senior Cyber Defense SOC Analyst (L3)
Ascot Group, Stamford, Connecticut, United States, 06925
Join to apply for the
Senior Cyber Defense SOC Analyst (L3)
role at
Ascot Group Continue with Google Continue with Google Join to apply for the
Senior Cyber Defense SOC Analyst (L3)
role at
Ascot Group Job Description
This is an opportunity to join Ascot Group - one of the worlds preeminent specialty risk underwriting organizations. Job Description
This is an opportunity to join Ascot Group - one of the worlds preeminent specialty risk underwriting organizations.
Designed as a modern-era company operating through an ecosystem of interconnected global operating platforms, were bound by a common mission and purpose: One Ascot. Our greatest strength is a talented team who flourish in a collaborative, inclusive, and entrepreneurial culture, steeped in underwriting excellence, integrity, and a passion to find a better way,
The Ascot Way .
The Ascot Way guides our people and our organization. Our underwriting platforms collaborate to find creative ways to deploy our capital in a true cross-product and cross-platform approach. These platforms work as one, deploying our capital creatively through our unique Fusion Model: Client Centric, Risk Centric, Technology Centric.
Built to be resilient, Ascot maximizes client financial security while delivering bespoke products and world class service both pre- and post-claims. Ascot exists to solve for our clients brightest tomorrow, through agility, collaboration, resilience, and discipline.
About The Role
As part of our 24x7 Cyber Defense function, the Senior SOC Analyst L3 will be responsible for investigating security incidents, improving detection content and supporting the overall monitoring, detecting and cybersecurity incident response activities. This involves working closely with the members of the internal Cyber Resilience team and our Managed Security Service Provider (MSSP).
Acting as an escalation point for L1/L2 SOC analysts, this resource will work within an expanding cybersecurity team, collaborating with cybersecurity managers, IT Infrastructure, and Deskside Support Teams.
You must be detail-oriented, diligent, and capable of managing multiple aspects of the incident response lifecycle simultaneously. You will be supporting a 24X7 Cybersecurity Defense function and will be required to work in shifts that will vary based on operational needs to support the global footprint across the UK and US time zones.
This resource will additionally be responsible for maintaining detection content on the detection tool, (detection rules, log ingestion, parsers, forwarders), maintaining playbooks, SOC documentation and supporting integrations and log sources associated with the overall Cyber Defense solution. This role will be in the office with a hybrid work schedule.
Responsibilities
Monitor our security tools to triage and respond to suspicious events and abnormal activities, capable of performing deep-dive incident investigations. Serve as a point of escalation for the L1, L2 SOC Analysts, and the point of contact for our MSSP, coordinating response efforts with other groups and stakeholders with varying technical expertise, such as IT, Legal, business etc. Develop and implement advanced security protocols and incident response procedures and improve our threat intelligence processes. Stay current with evolving threats, vulnerabilities, tools, technologies and threat actor TTPs to help improve detection and response capabilities. Provide oversight and governance over the daily operations of the MSSP and SOC team at a global level. Mentor and provide training to junior SOC team members. Develop and refine standard operating procedures in the form of run books and playbooks for incident response and threat detection.Create and make improvements to procedures and playbooks. Conduct technical analysis, log reviews, and assessments of cybersecurity incidents throughout the incident management lifecycle. Work with end users where appropriate on security related incident and request workflow. Document and manage incident cases to utilize information for stakeholder engagement to provide insight, intelligent recommendations, risk reporting and lessons learned. Work in scheduled shift patterns when required. Conduct in-depth security investigations, log analysis, network/email traffic assessment, and evaluate other data sources to identify root causes, assess impact, and gather evidence for response and mitigating actions. Implement detection use cases within our SIEM for our expanding estate using appropriate scripting languages. Manage log sources, log ingestion volumes, detection content and overall SIEM solution system health, maintenance, and upgrades. Assist with additional ad hoc projects as required.
Requirements
Cybersecurity related Bachelors degree or related field. Minimum of 10 years of experience in a security operations role, OC engineering and or a cybersecurity technical engineering role. Exposure to building and migrating log sources onto a new SIEM platform, creating detection content, log parsers and detection engineering will be preferred. Alternatively, candidates that have worked in senior technical roles in a Managed Security Service Provider (MSSP) will be preferred. Preference will be given to candidates who also have additional technical and cyber-risk certifications covering both defensive and offensive security such as CompTIA Security+, Certified SOC Analyst (CSA), Certified Ethical Hacker (CEH), CySA+, CISSP, GSEC, GCIH, CCSP, Microsoft SC-200, CISSP-ISSMP, CTIA, OSCP Candidates must have solid experience and knowledge of typical enterprise technologies. On-premises and cloud base Windows and Linux operating systems (OS), Microsoft Azure, M365 and the ability to detect signs of compromise in these systems. Possess a growth mindset and is willing to learn how to resolve technical security issues. Demonstrate a working and genuine interest and talent in Cybersecurity Demonstrate detail orientation and can take a structured approach to procedures and working instructions. Work and maintain a calm structured mindset even when under pressure. Possess an aptitude for understanding and analysing data when troubleshooting. Strong written communication, critical thinking, and analysis skills,including the ability to present potential risks and actual findings to a wide audience. Ability to communicate complex problems to a non-technical audience. Must have a working understanding of key security concepts and attack types such as phishing, malware, vulnerabilities, Cyber Kill Chain, and attack stages. A strong analytical mindset, capable of digesting a wide range of information to make practical judgements based on available data and context. Experience with security tools and technologies, including SIEM, intrusion detection systems, EDR, XDR, log analysis, and malware analysis. Understand threat actor tactics, techniques and procedures, have familiarity with the MITRE-ATT&CK Framework and different stages of an attack lifecycle. Maintain a desire to keep learning, with a curious and creative growth mindset.
***This position may be filled at a different level, depending on experience***
Compensation
Actual base pay could vary and may be above or below the listed range based on factors including but not limited to experience, subject matter expertise, and skills. The base pay is just one component of Ascots total compensation package for employees. Other rewards may include an annual cash bonus and other forms of discretionary compensation awarded by the Company.
The Annualized Base Pay Range For This Role Is
$125,000 - $135,000.
Company Benefits
The Company provides a competitive benefits package that includes the following (eligibility requirements apply):
Health and Welfare Benefits: Medical (including prescription coverage), Dental, Vision, Health Savings Account, Commuter Account, Health Care and Dependent Care Flexible Spending Accounts, Life Insurance, AD&D, Work/Life Resources (including Employee Assistance Program), and more
Leave Benefits: Paid holidays, annual Paid Time Off (includes paid state /local paid leave where required), Short-term Disability, Long-term Disability, Other leaves (e.g., Bereavement, FMLA, Adoption, Maternity, Military, Primary & Non-Primary Caregiver)
Retirement Benefits: Contributory Savings Plan (401k)
Seniority level
Seniority level
Mid-Senior level Employment type
Employment type
Full-time Job function
Job function
Information Technology Industries
Insurance Referrals increase your chances of interviewing at Ascot Group by 2x Get notified about new Security Operations Center Analyst jobs in
Stamford, CT . White Plains, NY $94,000 - $117,000 1 day ago Information Technology Security Engineer
Westbury, NY $120,000 - $150,000 3 weeks ago Farmingdale, NY $135,000.00 - $150,000.00 23 hours ago Stamford, CT $100,000.00 - $150,000.00 1 week ago Senior Security Ops Analyst - Incident Response
Bethpage, NY $69,615.00 - $114,368.00 2 months ago White Plains, NY $80,000.00 - $100,000.00 10 months ago Englewood Cliffs, NJ $105,000.00 - $135,000.00 2 days ago Bridgeport, CT $114,169.08 - $190,281.81 1 day ago Stamford, CT $119,808.00 - $157,722.00 3 weeks ago Jericho, NY $124,400.00 - $232,700.00 1 day ago Englewood Cliffs, NJ $160,000.00 - $175,000.00 2 days ago White Plains, NY $97,000.00 - $154,000.00 2 weeks ago End User Security Associate BUISO/Access Management
Purchase, NY $57,000.00 - $110,000.00 3 weeks ago Compliance Technician, Bureau of IT Infrastructure and Support Services
Stamford, CT $128,000 - $186,000 1 week ago Farmingdale, NY $135,000 - $150,000 1 day ago Incident Response Analyst, Office of Chief Information Officer
CyberSecurity Solutions Engineer, USPS SLED - NYC
Fairfield County, CT $202,200 - $256,800 2 days ago Staff Cyber Security Engineer (Generative AI)
Englewood Cliffs, NJ $125,000 - $155,000 2 days ago Brentwood, NY $145,000 - $160,000 5 hours ago Compliance Technician, Bureau of IT Infrastructure and Support Services
Were unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI. #J-18808-Ljbffr
Senior Cyber Defense SOC Analyst (L3)
role at
Ascot Group Continue with Google Continue with Google Join to apply for the
Senior Cyber Defense SOC Analyst (L3)
role at
Ascot Group Job Description
This is an opportunity to join Ascot Group - one of the worlds preeminent specialty risk underwriting organizations. Job Description
This is an opportunity to join Ascot Group - one of the worlds preeminent specialty risk underwriting organizations.
Designed as a modern-era company operating through an ecosystem of interconnected global operating platforms, were bound by a common mission and purpose: One Ascot. Our greatest strength is a talented team who flourish in a collaborative, inclusive, and entrepreneurial culture, steeped in underwriting excellence, integrity, and a passion to find a better way,
The Ascot Way .
The Ascot Way guides our people and our organization. Our underwriting platforms collaborate to find creative ways to deploy our capital in a true cross-product and cross-platform approach. These platforms work as one, deploying our capital creatively through our unique Fusion Model: Client Centric, Risk Centric, Technology Centric.
Built to be resilient, Ascot maximizes client financial security while delivering bespoke products and world class service both pre- and post-claims. Ascot exists to solve for our clients brightest tomorrow, through agility, collaboration, resilience, and discipline.
About The Role
As part of our 24x7 Cyber Defense function, the Senior SOC Analyst L3 will be responsible for investigating security incidents, improving detection content and supporting the overall monitoring, detecting and cybersecurity incident response activities. This involves working closely with the members of the internal Cyber Resilience team and our Managed Security Service Provider (MSSP).
Acting as an escalation point for L1/L2 SOC analysts, this resource will work within an expanding cybersecurity team, collaborating with cybersecurity managers, IT Infrastructure, and Deskside Support Teams.
You must be detail-oriented, diligent, and capable of managing multiple aspects of the incident response lifecycle simultaneously. You will be supporting a 24X7 Cybersecurity Defense function and will be required to work in shifts that will vary based on operational needs to support the global footprint across the UK and US time zones.
This resource will additionally be responsible for maintaining detection content on the detection tool, (detection rules, log ingestion, parsers, forwarders), maintaining playbooks, SOC documentation and supporting integrations and log sources associated with the overall Cyber Defense solution. This role will be in the office with a hybrid work schedule.
Responsibilities
Monitor our security tools to triage and respond to suspicious events and abnormal activities, capable of performing deep-dive incident investigations. Serve as a point of escalation for the L1, L2 SOC Analysts, and the point of contact for our MSSP, coordinating response efforts with other groups and stakeholders with varying technical expertise, such as IT, Legal, business etc. Develop and implement advanced security protocols and incident response procedures and improve our threat intelligence processes. Stay current with evolving threats, vulnerabilities, tools, technologies and threat actor TTPs to help improve detection and response capabilities. Provide oversight and governance over the daily operations of the MSSP and SOC team at a global level. Mentor and provide training to junior SOC team members. Develop and refine standard operating procedures in the form of run books and playbooks for incident response and threat detection.Create and make improvements to procedures and playbooks. Conduct technical analysis, log reviews, and assessments of cybersecurity incidents throughout the incident management lifecycle. Work with end users where appropriate on security related incident and request workflow. Document and manage incident cases to utilize information for stakeholder engagement to provide insight, intelligent recommendations, risk reporting and lessons learned. Work in scheduled shift patterns when required. Conduct in-depth security investigations, log analysis, network/email traffic assessment, and evaluate other data sources to identify root causes, assess impact, and gather evidence for response and mitigating actions. Implement detection use cases within our SIEM for our expanding estate using appropriate scripting languages. Manage log sources, log ingestion volumes, detection content and overall SIEM solution system health, maintenance, and upgrades. Assist with additional ad hoc projects as required.
Requirements
Cybersecurity related Bachelors degree or related field. Minimum of 10 years of experience in a security operations role, OC engineering and or a cybersecurity technical engineering role. Exposure to building and migrating log sources onto a new SIEM platform, creating detection content, log parsers and detection engineering will be preferred. Alternatively, candidates that have worked in senior technical roles in a Managed Security Service Provider (MSSP) will be preferred. Preference will be given to candidates who also have additional technical and cyber-risk certifications covering both defensive and offensive security such as CompTIA Security+, Certified SOC Analyst (CSA), Certified Ethical Hacker (CEH), CySA+, CISSP, GSEC, GCIH, CCSP, Microsoft SC-200, CISSP-ISSMP, CTIA, OSCP Candidates must have solid experience and knowledge of typical enterprise technologies. On-premises and cloud base Windows and Linux operating systems (OS), Microsoft Azure, M365 and the ability to detect signs of compromise in these systems. Possess a growth mindset and is willing to learn how to resolve technical security issues. Demonstrate a working and genuine interest and talent in Cybersecurity Demonstrate detail orientation and can take a structured approach to procedures and working instructions. Work and maintain a calm structured mindset even when under pressure. Possess an aptitude for understanding and analysing data when troubleshooting. Strong written communication, critical thinking, and analysis skills,including the ability to present potential risks and actual findings to a wide audience. Ability to communicate complex problems to a non-technical audience. Must have a working understanding of key security concepts and attack types such as phishing, malware, vulnerabilities, Cyber Kill Chain, and attack stages. A strong analytical mindset, capable of digesting a wide range of information to make practical judgements based on available data and context. Experience with security tools and technologies, including SIEM, intrusion detection systems, EDR, XDR, log analysis, and malware analysis. Understand threat actor tactics, techniques and procedures, have familiarity with the MITRE-ATT&CK Framework and different stages of an attack lifecycle. Maintain a desire to keep learning, with a curious and creative growth mindset.
***This position may be filled at a different level, depending on experience***
Compensation
Actual base pay could vary and may be above or below the listed range based on factors including but not limited to experience, subject matter expertise, and skills. The base pay is just one component of Ascots total compensation package for employees. Other rewards may include an annual cash bonus and other forms of discretionary compensation awarded by the Company.
The Annualized Base Pay Range For This Role Is
$125,000 - $135,000.
Company Benefits
The Company provides a competitive benefits package that includes the following (eligibility requirements apply):
Health and Welfare Benefits: Medical (including prescription coverage), Dental, Vision, Health Savings Account, Commuter Account, Health Care and Dependent Care Flexible Spending Accounts, Life Insurance, AD&D, Work/Life Resources (including Employee Assistance Program), and more
Leave Benefits: Paid holidays, annual Paid Time Off (includes paid state /local paid leave where required), Short-term Disability, Long-term Disability, Other leaves (e.g., Bereavement, FMLA, Adoption, Maternity, Military, Primary & Non-Primary Caregiver)
Retirement Benefits: Contributory Savings Plan (401k)
Seniority level
Seniority level
Mid-Senior level Employment type
Employment type
Full-time Job function
Job function
Information Technology Industries
Insurance Referrals increase your chances of interviewing at Ascot Group by 2x Get notified about new Security Operations Center Analyst jobs in
Stamford, CT . White Plains, NY $94,000 - $117,000 1 day ago Information Technology Security Engineer
Westbury, NY $120,000 - $150,000 3 weeks ago Farmingdale, NY $135,000.00 - $150,000.00 23 hours ago Stamford, CT $100,000.00 - $150,000.00 1 week ago Senior Security Ops Analyst - Incident Response
Bethpage, NY $69,615.00 - $114,368.00 2 months ago White Plains, NY $80,000.00 - $100,000.00 10 months ago Englewood Cliffs, NJ $105,000.00 - $135,000.00 2 days ago Bridgeport, CT $114,169.08 - $190,281.81 1 day ago Stamford, CT $119,808.00 - $157,722.00 3 weeks ago Jericho, NY $124,400.00 - $232,700.00 1 day ago Englewood Cliffs, NJ $160,000.00 - $175,000.00 2 days ago White Plains, NY $97,000.00 - $154,000.00 2 weeks ago End User Security Associate BUISO/Access Management
Purchase, NY $57,000.00 - $110,000.00 3 weeks ago Compliance Technician, Bureau of IT Infrastructure and Support Services
Stamford, CT $128,000 - $186,000 1 week ago Farmingdale, NY $135,000 - $150,000 1 day ago Incident Response Analyst, Office of Chief Information Officer
CyberSecurity Solutions Engineer, USPS SLED - NYC
Fairfield County, CT $202,200 - $256,800 2 days ago Staff Cyber Security Engineer (Generative AI)
Englewood Cliffs, NJ $125,000 - $155,000 2 days ago Brentwood, NY $145,000 - $160,000 5 hours ago Compliance Technician, Bureau of IT Infrastructure and Support Services
Were unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI. #J-18808-Ljbffr