The Security Operations Center (SOC) Analyst will be responsible for daily activities supporting information security monitoring and response. The primary function of this position is to monitor, analyze, respond to, and report on the information security events received from customers’ monitored servers/network devices, and to provide Incident Response (IR) support when analysis confirms actionable incidents.
Responsibilities:
• Investigate potential security incidents under the guidance of playbooks and procedures.
• Analyze and assess security alerts.
• Validate, classify, and open security incident cases or escalate to Tier 2 Analysts.
Required Skills:
• Minimum of 3 years of experience in the Security/Cyber Security domain
• Prior experience working in a Security Operations Center and an understanding of IR processes
• Hands-on experience in SIEM Technologies & Security tools like QRadar, FireEye, Splunk, ArcSight, LogRhythm, etc.
• Knowledge and/or experience with network protocols such as TCP/IP, Syslog, DNS, DHCP, and NetFlow is required.
• Knowledge and/or experience with security vulnerability assessment tools is preferable.
Direct report:
• The position reports directly to the Manager of the Security Operations Center