Security Operation Center (SOC) Tier 1 Analyst The Security Operations Center is responsible for providing 24/7, 365 monitoring, detection, and response capabilities for Comerica. This includes event, cloud security, and DLP monitoring, as well as a role in the incident response process. The Tier 1 SOC analyst primarily serves as the initial triage and investigation point for the SOC and would escalate incidents on an as needed basis. The Tier 1 Security Operation Center (SOC) Analyst is responsible for proactively monitoring and performing initial triage/investigation of security incidents and alerts to identify any malicious activity. Besides the initial triage and investigation, Tier 1 Analysts are expected to escalate security incidents according to defined escalation policies to Tier 2, Tier 3, and SOC leadership for further investigation/response. Position Responsibilities: SOC Analysis * Monitor security incidents for, endpoints, network, and cloud domains, being generated by the SIEM tool and ticketing system. * Initial triage and investigation of incidents assigned through the ticketing system, following established playbooks for specific incident types. * Respond, mitigate, and eradicate security threats, with guidance from Tier 2, Tier 3 analysts, as well as SOC leadership. Documentation and Support * Provide consistent and quality documentation of actions taken to triage/investigate incidents. * Assist senior staff in development of documentation/knowledge management articles for the SOC. * Handle sensitive information in accordance with the Corporate Information Protection Policy. * Collaborate with other Engineering and Operations teams to troubleshoot, respond, and improve detection capabilities. Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled