We’re looking for a candidate to fill this position in an exciting company.
Monitor, investigate alerts and events escalated from the SIEM or other channels, including in-depth log-file analysis, correlate data and threat information.
Take responsibility for handling standard events according to given procedures, handling security tickets independently and escalate to appropriate teams for further investigation.
Support the SOC Security Incident Manager.
Proactively search and identify patterns of compromise, emerging threats, evidence of breach and inconsistencies by analysing historical data.
Enhances current techniques for analysing security events and will provide input to the identification of emerging threats to continuously improve the SOC capabilities.
4 + years of relevant IT security working experience (understanding of risk, vulnerabilities, security policies, etc.) with at least 2-4 years experience working in a SOC environment
Deputy or Team Lead experience
Hands-on experience in various security tools including SIEM, Database activity monitoring, network monitoring and analysis tools, Big Data analytics
Network infrastructure and network security experience with solid understanding of enterprise grade technologies including security devices, network engineering, operating systems, databases and applications and their security settings and configurations
Ability to read and understand system and network traffic data including security event logs, system logs, application logs, etc.
Understanding of Cloud infrastructure, best practices of running and monitoring a Cloud environment
Demonstrate prior experience in scripting languages, software vulnerabilities, hacking techniques, exploits, malware and forensics
Good knowledge of the threat landscape
Knowledge of adversary tactics, techniques, and procedures (TTP), general attack stages, kill-chain and attack types
Knowledge of incident handling and incident response methodologies
Thought leadership in developing/assessing threat use-cases