Junior Vehicle SOC Analyst

Upstream Security, posted about 1 year ago
United States
On-site
Part-time
Beginner Level (< 1 year)

Job Description

Position Overview

Upstream is looking for a Vehicle SOC (vSOC) Analyst to join their vSOC analysts team and focus on addressing potential vehicle and API security incidents, as well as creating and implementing, together with customers, strategies for containment and recovery. In this role, you will use threat intelligence, historical attack vectors, and insights from internal research teams to pinpoint affected assets, assess the type and extent of attacks, and assist in creating and maintaining playbooks. You will also serve as a security point of contact for managed services and help troubleshoot real-time potential security alerts. This position is part-time and based in Ann Arbor, Michigan, USA, with flexibility to other areas on the East Coast. Upstream is an equal opportunity employer, considering all candidates without discrimination.

Key Responsibilities

  • Primarily responsible for security event monitoring, management, and response.
  • Triage incoming alerts by initially assessing each event's priority, determining the risk and potential damage, and routing security risks to the appropriate team.
  • Provide administrative support for daily operational activities.
  • Ensure incident identification, assessment, quantification, reporting, communication, mitigation, and monitoring.
  • Ensure compliance with SLAs and process adherence, and improve processes to achieve operational objectives.
  • Revise and develop processes and playbooks to strengthen the current Security Operations Framework.
  • Identify threat vectors and develop use cases for security monitoring.
  • Fine-tune detection logic and machine learning profiles.
  • Document all activities during an incident and provide leadership with status updates throughout the incident lifecycle.
  • Support the Root Cause Analysis (RCA) process for events escalated to incident levels.

Required Qualifications

  • BSc. student in Computer Science, Software Engineering, Information Systems Engineering, or another relevant field – a must.
  • At least two years until graduation.
  • Availability for on-call shifts as part of a rotating schedule.
  • Availability for at least three working days a week from the office.
  • Familiarity with Incident Management and Response.
  • Experience in the creation of playbooks.
  • Familiarity with security device management and SIEM tools (e.g., Splunk, QRadar, etc.).
  • In-depth knowledge of security concepts such as cyber-attacks, threat vectors, risk management, and incident management.
  • Familiarity with malware and attack techniques (e.g., code injection, DGA, hooks, etc.).
  • Understanding of APIs and OWASP API TOP 10.
  • Experience with big data platforms and data analysis (e.g., SQL, Python).
  • Strong troubleshooting and problem-solving skills.
  • Knowledge of applications, databases, and middleware to address security threats.
  • Experience in report, dashboard, and documentation preparation.
  • Excellent communication skills with an ability to handle high-pressure situations with key stakeholders.
  • Outstanding interpersonal skills, a positive attitude, and an excellent customer approach.
  • Proactive and adaptable with the ability to take initiative.
  • Excellent written and verbal communication skills.
  • Ability to adjust to changing priorities in a dynamic environment and effectively multitask.
  • Strong technical acumen with the ability to understand and interpret technical specifications.

Required Skills

API Security
Threat Intelligence
SIEM (Splunk, QRadar)
Root Cause Analysis
Playbook Creation
Data Analysis (SQL, Python)
Malware Analysis
Troubleshooting
Incident Management
Report & Dashboard Preparation