Description

Upstream is looking for a Vehicle SOC (vSOC) Analyst to join the Upstream vSOC analysts team and focus on addressing potential vehicle and API security incidents, and creating and implementing, together with customers, strategies for containment and recovery.

As a Vehicle SOC Analyst, you will use threat intelligence, previous similar attack vectors, and insights from internal research teams to pinpoint affected assets, the type of attack, and the extent of the attack.

The Vehicle SOC Analyst will assist in creating and maintaining playbooks and ensuring the correct training is in place so that team members can implement procedures and policies effectively.

Additionally, the Vehicle SOC Analyst will act as a security point of contact for managed services for customers and assist in troubleshooting real-time potential security alerts.

This role is part-time and is based in Ann Arbor, Michigan, USA, with flexibility to other areas on the East Coast.

Responsibilities

- Primarily responsible for security event monitoring, management, and response
- Triage incoming alerts (initial assessment of the priority of the event, initial determination of the incident to determine risk and damage, or appropriate routing of security risks)
- Provide administrative support for daily operational activities
- Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
- Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives
- Revise and develop processes and playbooks to strengthen the current Security Operations Framework
- Identify threat vectors and develop use cases for security monitoring
- Fine-tune detection logic and machine learning profiles
- Document all activities during an incident and provide leadership with status updates during the life cycle of the incident
- Support the root cause analysis (RCA) process for events escalated to incident level

Requirements

- BSc. student in Computer Science / Software Engineering / Information Systems Engineering or any other relevant degree - a must
- At least two years until graduation
- Position requires availability for on-call shifts as part of a rotating schedule
- Availability for at least three working days a week, from the office
- Familiar with Incident Management and Response
- Familiar with creation of playbooks
- Familiar with security device management and SIEM (Splunk, QRadar, etc.)
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc.
- Familiarity with malware techniques and attack techniques (e.g. code injection, DGA, hooks, etc.)
- Familiarity with APIs, OWASP API Top 10
- Familiarity with big data platforms and data analysis (e.g. SQL, Python)
- Strong troubleshooting and problem-solving skills
- Knowledge of applications, databases, middleware to address security threats
- Experience in preparation of reports, dashboards, and documentation
- Excellent communication skills
- Ability to handle high-pressure situations with key stakeholders
- Excellent interpersonal skills, positive attitude and outstanding customer approach
- Ability to take initiative and adapt
- Have excellent written and verbal communication skills
- Possess the ability to adjust and adapt to changing priorities in a dynamic environment
- Be able to multitask and be proactive in addressing issues and requests
- Possess technical acumen and the ability to understand and interpret technical specifications

Upstream is an equal opportunity employer. All candidates for employment will be considered without regard to race, color, religion, sex, national origin, physical or mental disability, veteran status, or any other basis protected by applicable federal, state or local law.