Security Operations Centre Analyst

Security Operations Centre Analyst

This is a great opportunity to work at a rapidly growing, market leading Unified Communications as-a-service company. RingCentral provides Voice-over-IP (VoIP), hosted PBX, voicemail, SMS, e-fax, and HD video meeting solutions for business.

About this role : As a

SOC Analyst

at RingCentral, your primary responsibilities are to implement a comprehensive security monitoring, incident response and threat intelligence program for RingCentral’s global cloud service, corporate and development environments. You will also be collaboratively providing feedback to improve security operations processes, generating actionable analysis and threat intelligence from tools, logs, and other data sources, ensuring strong documentation is in place to support ongoing SOC activities, and reporting your observations to other Security, Operations and IT personnel.

Successful Candidates will :

Have proven skills in application security, security monitoring, incident response and intrusion analysis

Have strong knowledge of the diverse methods and technologies used to attack web / mobile / desktop applications, SaaS infrastructure, and data

Think critically, work well under pressure, and possess strong analytical, written, verbal, and interpersonal skills

Demonstrated track record of quality processes in candidate’s work history

Be strongly self-motivated with an aptitude for both individual and team-oriented work

Have experience following and refining standard operating procedures and playbooks

Responsibilities :

Monitor security events, analyze and investigate alarms, and maintain day-to-day operational activities of a secure cloud environment

Engage teams within and outside of RingCentral to mitigate and resolve cases

Maintain relevant documentation and audit artifacts

Identify and track suspicious system activity

Identify trends and patterns, and present them to Security Engineers to enhance our processes and systems

This role participates in on-call rotations

Qualifications / Requirements :

2+ years in a security engineering, SRE, or SOC roles in a cloud services environment

Experience with SIEM

Experience investigating security incidents

Basic knowledge AWS or GCP

Experience with IDS, case management, and related tools and practices

Experience with Linux, RedHat preferred

Basic knowledge of broad security topics such as encryption, application security, malware, ransomware, etc.

Knowledge of network, VoIP and web related protocols (e.g., TCP / IP, UDP, IPSEC, HTTP, HTTPS, SIP, RTP)

Preferred Skills / Experience :

GIAC or CompTIA Sec+ CYSA+, CISCO, Offsec, splunk / redhat certifications.

Experience using Crowdstrike, Cloudflare, FirePower, Splunk, ELK, Imperva, Syslog, packet capture, and Windows Event Log tools and similar tools

Knowledge of current hacking techniques, malicious code trends, botnets, exploits, malware, DDoS, and data breach events

Strong knowledge of Microsoft Windows