Security Operations Center (SOC) Tier 3 Analyst
The Security Operations Center is responsible for providing 24/7, 365 monitoring, detection, and response capabilities for Comerica. This includes event, cloud security, and DLP monitoring, as well as a role in the incident response process. The Tier 3 SOC Analyst serves as an escalation point for Tier 1 and Tier 2 Analysts within the SOC and provides advanced analytical and investigation support for complex incidents to assist in containment and mitigation of threats.
The Tier 3 Security Operation Center (SOC) Analyst is responsible for providing oversight during day-to-day operational tasks for Tier 1 and 2 analysts within the SOC, as well as advanced technical investigation capabilities to respond to security incidents. The analyst will serve as the escalation point for all SOC analysts, and as an interface with the Advanced Threat Hunt and Intelligence team for the SOC.
Position Responsibilities:
Security Operations Center (SOC) Analysis
Provides advanced technical investigation and forensics capabilities across malware, phishing, cloud access security brokers (CASB), network, and configuration compliance domains.
Responds to and mitigates security incidents based on defined process and procedures to contain and eradicate threats.
Resolves or escalates investigations to CSIRT as required, in coordination with the SOC Manager.
Interfaces with the threat hunting and threat intelligence teams to build proactive searches / signatures in the SIEM or security application to enhance detection capabilities.
Performs sampled reviews of investigated incidents by Tier 1/Tier 2 Analysts to improve ticket quality and provides feedback to coach junior Analysts.
Documentation and Support
Participates in the development / enhancement of process and technologies impacting the SOC and the broader Cyber Defense Operations function.
Collaborates closely with the SOC Manager to develop recommendations and/or technical implementations to improve workflows within the SOC, including the use of automation and optimization of processes.
Collaborates with other Engineering and Operations teams within Comerica to troubleshoot, respond, and improve detection capabilities.
Handles sensitive information in accordance with the Corporate Information Protection Policy.
Position Qualifications:
Bachelors' Degree from an accredited university in Computer Science, Engineering, Information Systems, or Cyber Security or equivalent degree OR High School/GED with 6 years relevant and/or transferable experience
5 years of experience in information security/technology experience preferably in a SOC/ NOC
4 years of experience using various operating systems and industry standard monitoring, logging, alerting and investigation processes
2 years of experience in incident response
2 years of experience with scripting skills in common languages (e.g. PowerShell, Python, Java, Bash
Licenses/Certifications:
CompTIA Network+, CompTIA Security+, GCIA, GCIH, GREM, or GPEN preferred
Work Best Category: Category C - Days in the office will either be designated days or will vary week to week from 2-5 days Hours: 8:00am - 5:00pm Monday - Friday Salary: To Be Determined Based on Individual Experience
About Comerica
We know our employees are critical to our overall success and we are dedicated to investing in their future. One of the ways we do this is to offer a comprehensive Total Rewards package designed to recognize and reward individual performance, as well support health, well-being, development and security for our colleagues and their family. Total Rewards consists of cash compensation, development and flexible benefit programs designed to meet individual needs today and in the future. Your salary will be commensurate with your work experience and our programs are reviewed regularly to ensure each remain competitive. We are proud to offer benefits such as health and welfare programs, strong retirement benefits, and generous paid time off programs. You and your eligible family members, including domestic partners and their children, can participate in medical, dental, and vision benefits, 401(k) and pension, income protection benefits such as life insurance, AD&D, and supplemental health programs to offset unexpected health care expenses. We also have a variety of time off programs for things like vacation, sick time, disability, and parental leave. Eligibility for some programs varies based on employment status and tenure.
Upon offer, Comerica conducts a comprehensive background and fingerprint check.
NMLS certification requirement: where applicable, a favorable background check screening, credit check, fingerprint check, and NMLS certification is required in accordance with the SAFE Act.
Comerica Incorporated (NYSE: CMA) is a financial services company headquartered in Dallas, Texas, and strategically aligned into three major business segments; the Commercial Bank, the Retail Bank, and Wealth Management. Comerica's colleagues focus on relationships, and helping people and businesses be successful. In addition to Texas, Comerica Bank locations can be found in Arizona, California, Florida and Michigan, with select businesses operating in several other states, as well as in Canada and Mexico.
Comerica is proud to be an Equal Opportunity Employer - veterans/individuals with disabilities, committed to workplace diversity.
