Principal Security Operations Center (SOC) Analyst
Company Overview
Nuance is the pioneer and leader in conversational artificial intelligence (AI) innovations that bring intelligence to everyday work and life. We deliver solutions that understand, analyze, and respond to people, amplifying human intelligence to increase productivity and improve security. With decades of both domain and AI expertise, we work with thousands of organizations across a wide range of industries.
Check out our team Life at Nuance!
Join our team! At Nuance, we are constantly reinventing how people connect with technology and with each other. Our AI-powered solutions empower organizations to transform “business as usual.” For decades, the world’s leading financial, healthcare, telecommunications, retailers, and government organizations have trusted Nuance to bring them award-winning solutions that deliver more meaningful outcomes and empower a smarter, more connected world. From clinical speech recognition technologies that free physicians to spend more time caring for patients to real-time intelligence that powers billions of customer interactions, we’re deeply committed to helping organizations push the boundaries of what’s possible.
Job Summary
Job Summary
We are seeking to hire a Principal Security Operations Center (SOC) Analyst to help us in our Burlington HQ. We are able to consider candidates that would relocate to as well as those that may require partial remote work (2-3 days from home).
The Prin. SOC Analysts will report to the SOC Manager and be part of a global team. This talented resource will help prepare and manage incidents that are escalated based on alerts and use cases. They will support the team by helping triage issues and grow team skills. They will ensure a high level of documentation with communication suitable to non-technical audiences.
We expect they will have demonstrated the ability and willingness to keep a clear head under pressure, use good judgment when there are gaps in runbooks or procedures, and be available when needed to work on a shift and support emergency callouts as they arise.
Principal Duties and Responsibilities:
- As a senior member of the team, monitor and process responses for security events on a 24x7 basis. (Periodic on-call shift coverage)
- Analyze attacker tactics, techniques, and procedures (TTPs) from security events across a large heterogeneous network of security devices and end-user systems.
- On major incidents, acts as incident commander and primary point of contact.
- Plan and execute regular incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention).
- Evaluate current SOC standards and procedures and update or author new content as required.
- Leverage a deep understanding of current and evolving security threats and threat detection solutions as well as contribute to the company’s threat and vulnerability research and IT security strategy and roadmap.
- Leverage automation and orchestration solutions to automate repetitive tasks. (Scripting abilities with Python are highly desired.)
- Investigate and document events to aid incident responders, managers and other SOC team members on security issues and the emergence of new threats.
- Seek opportunities to drive efficiencies and collaborate with other technology teams (e.g. NOC, Service Desk)
- Partner with the security engineering team to improve tool usage and workflow
- Partner with advanced threats and assessment team to mature monitoring and response capabilities.
- Adhere to service level agreements (SLAs), metrics and business scorecard obligations for ticket handling of security incidents and events.
- Leverage knowledge of security on multiple platforms and disciplines (Windows, Unix, Linux, data loss prevention (DLP), endpoint controls, databases, wireless security and data networking).
Typical Day:
- 65% - Preparing or Managing Incidents
- Analyzing security alerts and events logfiles, packet captures, system logs...
- Reviewing incident process and playbook
- Ensuring tools are available and operational
- 35% - Projects
- Standards, Procedures – Maturing the SOC
- Internal training and mentoring – Maturing the SOC
- Onboarding intake & acceptance process for environments/products into production
- Threat Intelligence work – including authoring bulletins
- New idea development
Knowledge, Skill, Qualification:
- Education: Prefer a Bachelor's degree but will consider equivalent work experience. (Master’s ideal)
- Minimum years of Experience: 6 or more years. (We understand that experience and education comes in different forms and skills can be transferable. We prioritize dedication, the demonstrated ability to make a meaningful impact and teamwork. We want employees to learn new things as they contribute at the highest levels.)
Required Skills:
- Deep experience working with various SIEM systems, threat intelligence platforms, security automation and orchestration solutions, intrusion detection and prevention systems (IDS/IPS), file integrity monitoring (FIM), DLP and other network and system monitoring tools.
- Experience driving measurable improvement in monitoring and response capabilities at scale.
- Knowledge of a variety of Internet protocols
- Track record of acting with integrity, taking pride in work, seeking to excel, being curious, adaptable, and communicating effectively (Verbal, written)
- Demonstratable critical thinking and problem-solving skills
Preferred Skills:
- Experience working in a global operational environment
- Python (Scripting for automation)
- Sumologic, Symantec, Cisco
- Relevant Certifications considered a plus
Additional Information
Nuance offers a compelling and rewarding work environment. We offer market competitive salaries, bonus, equity, benefits, meaningful growth and development opportunities and a casual yet technically challenging work environment. Join our dynamic, entrepreneurial team and become part of our continuing success.
Nuance celebrates diversity and is proud to be an equal employment opportunity and affirmative action workplace. We consider all qualified applicants without regard to race, color, religion, sex (including pregnancy), sexual orientation, gender identity or expression, national origin, military and veteran status, disability, genetics, or any other category protected by law or Nuance policy. If you need an accommodation because of a disability for any part of the employment process, please call 781-565-5086 and let us know.