Senior SOC Analyst - Overland Park, KS…
- Watco Companies LLC (Pittsburg, KS)
Start a Watco Career and Discover the Difference
Keep the world's supply chain moving. That's what the Watco team does every day at our short line railroads, switching sites, terminals, ports, and logistics hubs. Whether you're at one of these locations or in a support-services role, there's one thread that ties everyone together. We're all on the same team. One Watco.
Here's what you can expect from Watco:
• Outstanding culture recognized by Forbes and Newsweek
• Competitive compensation and benefits
• Leadership and development programs offered through Watco University
• Career advancement opportunities
Job Summary
The Senior Security Operations Center (SOC) Analyst will work in our Security Operations team. Watco is a multinational organization that operates multiple on-premise and cloud data centers as well as cloud SaaS solutions. The SOC/NOC team is responsible for rolling out new technologies, tools, and procedures to enhance our defensive, detection, and cyber recovery posture to meet the ever-changing threat landscape. The Senior SOC Analyst will work collaboratively with other SOC team members to detect and respond to information security incidents, maintain and follow procedures for security event alerting, and perform security investigations. Additionally, the Senior SOC Analyst will work to improve SOC processes and take a lead role in project work and project management. This role is equal parts operational work and project/engineering work to advance the security of the organization. The Senior SOC Analyst will perform tasks including monitoring, research, classification and analysis of security events that occur on the network or endpoint, development or refinement of standard operating procedures, and regulatory compliance and audit work. The Senior SOC Analyst should be familiar with the principles of network and endpoint security and with current threat and attack trends, and should have a working knowledge of security principles such as defense in depth.
This position is on the management track for our SOC, and a successful candidate should be considering a role in security management as part of their career path, though effective understanding of information security is more important than team management. We are looking for a new team member who performs well in the open and collaborative management environment of our team. This is a hybrid work position.
Essential Duties and Responsibilities
• Review alerts and evaluate their urgency and relevance
• Perform vulnerability scans
• Review vulnerability scan results and support the creation of remediation actions
• Handle incidents and increase the capabilities of the current defensive security tools
• Deploy new products and tools to advance the capabilities of the team
• Maintain the current security-related infrastructure (e.g. SIEM, Vulnerability Scanner, Cloud Posture Management, ZTNA tools, EDR tools)
• Review, update, or create new standard operating procedures for effective SOC operation
• Evaluate products and work with vendors to implement new products in our SOC
• Work with end users on detecting and remediating endpoint alerts and issues
• Perform threat hunting, event remediation, and deployment and tuning of security systems
• Work on enhancing policies and procedures for standardized secure operations
• Provide initial incident response and triage of new NOC and SOC events
• Primarily work a day shift window; however, there will be an after-hours and weekend incident management rotation with this position
Qualifications
• 3-5 years' experience in SOC operations or security-related technical IT operations
• Strong networking skills and understanding
• Basic experience in security assessment and incident management
• Technical education, preferably in computational sciences or business information technology
• Basic experience in IT risk management, Information Security and IT processes
• Excellent communication skills in English
• Excellent Windows operating system skills
• Key understanding of IP networking
• Limited travel requirements with this role
Desired Qualifications:
• Incident Response and cyber recovery
• Performing vulnerability scans and assessments
• Setting up and maintaining firewalls
• MacOS and Linux
• Scripting languages
• DevSecOps experience
• Securing cloud infrastructure
• TSA SD-1580 regulations
• USCG MTSA cybersecurity regulations
• Spanish language skills
Education
Bachelor's degree