About Protera Welcome to Protera Technologies, where we’re reimagining how SAP-centric organizations work in the cloud. Since 1998, we’ve been pioneers in bringing SAP and related applications to the cloud—think Microsoft Azure and AWS. Our global crew, spanning the US with offices in Chicago (HQ), Athens, Greece, and Mumbai, India, is on a mission to make IT smoother, faster, and more fun for our clients. But here’s the thing: we’re not your typical “serious tech company.” While we’re obsessed with delivering top-notch IT solutions, we’re all about keeping it real, approachable, and enjoyable. We work hard, but we also play hard—whether we’re collaborating on cloud optimizations, enhancing security, or just hanging out as a team. At Protera, we believe in empowering SAP-centric organizations with the best tools and tech to drive growth, and we love what we do. Our values? Simple: stay curious, stay authentic, and make meaningful connections. We celebrate wins big and small, whether it's a successful project or a fun team event. If you’re looking for a place where tech and fun collide, come join us and see what makes Protera a great place to work. Shift Timing- Rotational (24*7) What You’ll Do The SOC Analyst is responsible for maintaining the organization’s cybersecurity posture through continuous monitoring, detection, and incident response. Using advanced technologies such as Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), Network Detection and Response (NDR), File Integrity Monitoring (FIM), and Next-Gen Antivirus (NGAV), the analyst identifies and mitigates security threats in real time. This role also contributes to the design and development of automated playbooks using Security Orchestration, Automation, and Response (SOAR) platforms to streamline response workflows and improve SOC efficiency. The analyst collaborates across teams to strengthen detection logic, enhance processes, and ensure proactive defense against evolving cyber threats. Threat Monitoring & Detection - Monitor and analyze security alerts from SIEM, EDR, NDR, FIM, and Antivirus platforms to detect potential threats. - Perform correlation and pattern analysis across multiple data sources to identify anomalies and sophisticated attack behaviors. - Continuously tune and optimize detection rules to reduce false positives and improve fidelity. Incident Response & Management - Execute incident response lifecycle activities including triage, containment, eradication, and recovery following NIST standards. - Document incidents thoroughly, providing root cause analysis, attack vectors, and corrective actions. - Support post-incident reviews to identify control gaps and recommend security improvements. Playbook Development & Automation - Develop, maintain, and enhance incident response playbooks and runbooks to ensure standardized handling of recurring alerts and use cases. - Collaborate with senior analysts to build SOAR playbooks for automated enrichment, containment, and notification workflows. - Align playbooks with MITRE ATT&CK and Cyber Kill Chain frameworks to ensure comprehensive coverage of adversarial tactics. Vulnerability & Risk Management - Conduct regular vulnerability assessments and coordinate with IT teams for timely remediation. - Evaluate system configurations and network architecture for potential risks and ensure secure baselines. - Track and report on vulnerability remediation metrics. Security Tooling & Integration - Manage and optimize EDR, SIEM, SOAR, FIM, NDR, and Antivirus tools to ensure operational readiness. - Integrate data sources and automate workflows between platforms for improved incident visibility and response time. - Provide input on the design and deployment of new security solutions. File Integrity & Endpoint Protection - Monitor File Integrity Monitoring (FIM) systems to detect unauthorized modifications in critical files and directories. - Analyze and respond to Antivirus/NGAV alerts to prevent and contain endpoint infections. - Validate cleanup and verify systems post-remediation. Network Detection & Threat Intelligence - Leverage NDR tools to identify lateral movement, command-and-control (C2) traffic, and exfiltration attempts. - Incorporate Threat Intelligence Feeds (STIX/TAXII) for enhanced situational awareness and detection context. - Conduct proactive threat hunting based on known TTPs (Tactics, Techniques, and Procedures). Reporting & Compliance - Generate detailed reports and dashboards highlighting incident metrics, trends, and SOC performance (MTTD, MTTR, volume by category). - Ensure compliance with standards like ISO 27001, SOC 2, GDPR, HIPAA, and NIST CSF. - Support audits and assist in evidence gathering for compliance activities.

Lead the design and development of risk modeling tools, define and improve cybersecurity risk assessment methodologies, and ensure compliance with ISO/SAE 21434 standards while collaborating cross-functionally to integrate assessments into vehicle...

Role Description The IT Security Operations Manager leads the organization’s security operations to protect the confidentiality, integrity, and availability of information systems. This role oversees security monitoring, incident response, vulnerability management, and operational security processes, ensuring alignment with business goals and regulatory requirements. The position includes team leadership with some hands-on technical involvement and requires occasional after-hours support for critical incidents. The role also supports a high-quality, person-centered environment aligned with ESSC’s mission and values. Qualifications - Bachelor’s degree in Computer Science, Information Security, or related field preferred. - CISSP, CISM, or equivalent security certifications. - Proven experience managing SOC operations and incident response. - 6-8 years' experience in IT/IT Security. - 2-3 years' experience in security leadership. Requirements - Strong knowledge of security frameworks (NIST, ISO, MITRE ATTACK). - Excellent leadership, communication, and stakeholder management skills. - Ability to work under pressure and manage multiple priorities. - Skilled in SIEM, Vulnerability Management, SOAR, EDR technologies as well as the vendors that provide them. - Strategic thinking and decision-making. - Strong analytical and problem-solving skills. - Ability to obtain and maintain a criminal record/fingerprint clearance from the Department of Justice and Federal Bureau of Investigation per Easterseals of Southern California and/or program requirements. - Must pass all drug testing required by ESSC. - This role requires availability outside of standard business hours, including evenings, weekends, or holidays, to support security incidents, emergency response activities, or critical operational events. Off-hours engagement is expected to be infrequent but mandatory when business risk or system integrity requires immediate leadership involvement. Benefits - Starting Salary Range: $110k - $145k / yr. Physical Requirements in Accordance with ADA - Carrying/Lifting: Occasional / 0 to 30lbs. - Standing: Occasional / Up to 3 hours a day. - Sitting: Constant / Up to 8 hours a day. - Walking: Occasional / Up to 3 hours a day. - Travel: This is a remote position but will require occasional travel. - Repetitive Motion/Activity: Keyboard activity, telephone use, writing. - Visual Acuity: Views monitors/printed materials. - Environmental Exposure: Standard office environment.

• Create thought leading security operations, monitoring and vulnerability management research for Gartner clients • Meet with clients daily via phone, video-conference, or face-to-face presentations • Research technology, practices and trends to produce written research for clients • Conduct research and analysis in areas of expertise targeting client’s key initiatives • Deliver high quality actionable advice through various media • Maintain Gartner’s industry leadership reputation by responding to press inquiries • Collaborate with the wider sales organization for outstanding sales support