The Security Operations / SOC Analyst works within the Security Operations Centre to monitor security alerts, respond and remediate detected issues, and work with the Incident Management process to remove threats and vulnerabilities within the organization. This role collaborates with other Information Security and IT Operational teams to maintain a secure environment and for incident response capabilities. This position will be responsible for performing security event analysis, incident response, and other related activities as part of a global 24x7x365 organization.
- At least 3 years of experience using SIEM / SOAR platforms (Siemplify / Splunk).
- Monitoring and analysis of cyber security events using QRadar (SIEM), IDS, Cylance, RedCloak, McAfee antivirus and other tools.
- Execution of SOC procedures.
- Triage security events and incidents, detect anomalies, and report remediation actions.
- Ensure completeness of the incident information.
- Analysis of phishing emails reported by internal end users.
- Escalation of incidents to be handled to L2 SOC team, when relevant.
- Follow up on remediation activities.
- Triage on general information security tickets.
- Investigate security breaches and other cybersecurity incidents.
- Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.
- Document security breaches and assess the damage they cause.
- Provide documentation of work through a variety of communications such as ticketing, operational briefs, and status reports.
Qualifications / Experience Requirements:
- Previous experience working in a Security Operations Centre (SOC), dynamic and/or malware analysis.
- Understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts.
- Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
- Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact.
- Engineering graduate required.