Cyber Operations Specialist

Position Overview

The Cyber Operations Specialist is an experienced SOC role within the 24/7 Cyber Fusion Center (CFC) organization. The role is responsible for monitoring, triaging, and escalating security events properly in any technology environment. This role will evaluate data collected from a variety of cyber operations tools (e.g., SIEM, IDS alerts, firewalls, network traffic logs, cloud platforms, and SOAR solutions) to analyze events that occur within their environments for the purposes of mitigating threats in both structured and unstructured situations.

Individuals in this role are proactive and well‑versed in log, identity, cloud, network, and root cause analysis.

Regular or Temporary: Regular

Language Fluency: English (Required)

Work Shift: 1st shift (United States of America)

• University‑level education (Bachelor’s degree) in Computer Science, Computer Engineering, Cybersecurity, or related field; or equivalent training.
• Two years of experience in Cybersecurity or related work.
• Knowledge of cloud fundamentals.
• Knowledge of general information technology (IT) and cybersecurity.
• Knowledge of computer networking concepts and protocols, and network security methodologies.
• Knowledge of network traffic analysis and packet‑level analysis using appropriate tools (e.g., Wireshark, tcpdump).
• Knowledge of operating systems, including Windows/Unix ports and services.
• Knowledge of basic identity and access management concepts.
• Knowledge of phishing tactics and techniques.
• Knowledge of cyber threats and vulnerabilities.
• Knowledge of cyber‑attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
• Knowledge of incident response and handling methodologies.
• Knowledge of countermeasures to address a variety of threats.
• Knowledge of basic automation, ML, and/or AI possibilities.

• Experience working in cloud environments, namely Microsoft Azure and Amazon AWS.
• Industry certifications in general technology (e.g., Network+, AWS Certified Cloud Practitioner, Microsoft Azure Fundamentals).
• Industry certifications in cyber security, such as Security+, CySA+, Certified Ethical Hacker (CEH), GIAC Security Essentials (GSEC), Cisco Certified Network Associate (CCNA), GIAC Certified Intrusion Analyst (GCIA), GIAC Security Operations Certified (GSOC), GIAC Certified Incident Handler (GCIH), GIAC Cloud Security Essentials Certification (GCLD).
• Experience in Security Operations Center (SOC), Network Operations Center (NOC), IT/Cyber Engineering, or Intelligence Community (IC).

All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits. Eligibility for specific benefits may be determined by the division of Truist offering the position. Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax‑preferred savings accounts, and a 401(k) plan. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full‑time or part‑time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays.

Depending on the position and division, this job may also be eligible for Truist’s defined benefit pension plan, restricted stock units, and/or a deferred compensation plan. As you advance through the hiring process, you will also learn more about the specific benefits available for any non‑temporary position for which you apply, based on full‑time or part‑time status, position, and division of work.

Truist is an Equal Opportunity Employer that does not discriminate on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status, or other classification protected by law. Truist is a Drug Free Workplace.

EEO is the Law E-Verify IER Right to Work