Western Alliance Bank

Security Operations Center Analyst III

Req No.: 2017-3748
Category: Technology
Type: Regular Full Time
Phoenix

Overview

Why should you join our team?

Because being part of a small, progressive Security Operations team will allow your skills to grow and let you use your experience to enhance our practices. You will enjoy the autonomy to build the environment for a growing organization.

Why Western Alliance Bancorporation?

We are ranked #4 on Forbes Top Banks for 2017! We are growing and YOU want to be part of our growth! Make your mark on what we will become!

What’s in it for you?

As a SOC Professional at Western Alliance Bank, you will have a unique opportunity to gain hands-on experience with progressive tools such as ElasticSearch (ELK), IDS/IPS, advanced anti-virus and threat defense systems, host-based forensics, and security analytics tools on an ongoing basis.

The Security Operations Center (SOC) Analyst III is responsible for day-to-day program requirements at a tactical and operational level (network, endpoint, infrastructure, applications, and databases) to detect and respond to cyber threats within the environment.  The position interfaces with other departments to drive remediation activities associated with both active declared incidents and threats due to current vulnerabilities.  Additionally, the position engages in engineering and configuration of both defensive and operational security tools.

Responsibilities

  • Perform technical analysis of security alerts from all sources (automated tool alerts, employee reported alerts, fraud investigation related alerts, etc.).
  • Coordinate activities with other technology departments to drive security incidents and vulnerabilities to remediation.
  • Contribute to the development of new security tools, procedures, and processes, including initial recommendation, engineering, maintenance, and operational tuning.
  • Develop, maintain, and tune a threat intelligence program based on current industry trends and risks.
  • Provide ongoing security tool optimization using aggregation, filters, correlation rules, etc.
  • Perform behavioral analysis of malware in a sandbox environment.
  • Support the life-cycle of security tools including coordination and planning of upgrades, new deployments, and maintaining operational efficiency.
  • Apply configuration management disciplines to maintain hardware/software revisions, content, patches, and hardening.
  • Coordinate and conduct log and packet collection, event management, compliance automation, and identity monitoring activities.
  • Track open tickets to ensure SLAs are met.

Qualifications

  •  6+ years of total Information Technology experience including:

    • 3 years’ experience in security tools and concepts such as Logging; Firewalls; Wireshark; TCPDump; Netcat; Netstat; and Log Analysis.
    • 2 years of specific experience in incident/event response process and/or automations. Event/alert suppression and de-duplication.
    • 2 years of experience using scripting techniques (Perl, Python, REST API, VB, etc.) to automate tasks.
    • Linux, Windows, Cisco, and Junos Network Discovery techniques and automations for CMDB integrations.
    • 2 years of experience in evaluating, installing, configuring, and maintaining at least 2 of the following security tools (IDS, IPS, SIEM, ElasticSearch, Syslog-NG, DLP, Proxy, Firewall, Endpoint forensics, disk encryption, GRC, Vulnerability scanner, sandbox).
  • Experience answering internal and external audit requests and developing plans to remediate any outstanding issues.
  • Vulnerability management experience such as patching, automated updates, and config vulnerability identification and remediation.
  • CISSP, CISA, CISM, GIAC, GCIH, Security+ or related certifications a plus.
  • Experience collecting, maintaining, and validating threat intelligence.
  • Proficient with MS Office, project management software, and at least one GRC tool (highly recommended).
  • Requires strong analytical skills, problem solving skills and project management skills.
  • Extensive training in computer disciplines including application and data security, systems programming, systems design, computer technology or software disciplines.
  • Superb communication skills with both technical and management staff.
  • Ability to recommend and influence business process changes with regard to Information Security policies, standards, and processes (including the use of tools).