JLL

Senior Security Operations Center (SOC) Analyst

JLL, Chicago, Illinois, United States, 60290

Senior Security Operations Center (SOC) Analyst role at JLL Technologies – United States / Remote.

Base pay range: $140,000.00/yr - $192,000.00/yr

About The Role

Jones Lang LaSalle, an international commercial real estate firm, is looking for a Senior Security Operations Center (SOC) Analyst to respond to threats faced by the organization. This position is accountable for responding to alerts and incidents generated by JLL security controls and employee submissions, and for escalating identified critical issues to the Incident Response Team. The analyst will support Global Cyber Defense capabilities by responding to cyber threats that JLL faces and will facilitate robust communications between other teams within the cybersecurity organization. The role reports to the Senior Director of Threat Defense and Response and interfaces with senior leaders such as the global CISO, various business lines, and technical engineers. The candidate should have leadership experience, be detail oriented, and able to operate in a dynamic environment.

Responsibilities

- Respond to security control alerts and employee submissions; collect, triage, and analyze evidence generated by JLL systems.
- Assist other SOC Analysts and Incident Responders during advanced attacks/incidents.
- Monitor emerging threats and vulnerabilities to improve JLL’s threat response capabilities.
- Track key metrics and contribute to maturing and measuring the threat response program.
- Recommend control and defensive measures to protect the organization from advanced threat actor tactics.
- Coordinate automation of repeatable scenarios using SOAR playbooks and native programming tools like Python.
- Assist with defining, creating, and maintaining SIEM detection rules and dashboards.

Experience & Education

- Bachelor’s degree in information technology or cybersecurity field (or equivalent experience).
- 1-3 years of cybersecurity experience, preferably in a technical or SOC role.
- Experience with automation, AI, and custom tooling to streamline response and data collection.
- Working knowledge of cybersecurity prevention, detection, and response capabilities (e.g., AV, EDR, SIEM, digital forensics, IPS, WAF).
- Proficiency with multiple operating systems and cloud environments (Windows, Mac, Linux, Azure, AWS, GCP, O365).
- Familiarity with cybersecurity frameworks and best practices (NIST 800-53, ISO 27001, MITRE ATT&CK, CIS).
- Industry certifications or equivalent experience (e.g., CCNA/CEH/GCFE, GCIH, GIAC, etc.).
- Excellent communication and collaboration skills.

Technical Skills & Competencies

- Ability to respond to highly technical alerts and incidents.
- Ability to trace an endpoint on the network based on ticket or alert information.
- Familiarity with system log information and its meaning.
- Understanding of common network services (web, mail, DNS, RDP, SFTP, etc.).
- TCP/IP, Internet routing, UNIX/Linux, Mac, and Windows.
- Experience with SOAR and automation; creating SOAR playbooks/automations is a plus.
- Experience using automation and AI in security incident response is a plus.
- Programming experience (Python, JavaScript) is a plus.
- Knowledge of SIEM, PCAP analysis, IDS/IPS, network monitoring tools, digital forensics, sandboxing, ticketing platforms, AV/EDR/SOAR.
- Understanding of cyber-attacks, threat vectors, risk and incident management, vulnerabilities, and zero-days.

Apply today!
