Overview

STATEMENT:
The Security Operations Center (SOC) Analyst will be responsible for the protection of client assets and information by monitoring security events and responding to incidents.
Perform monitoring and data correlation of events with a focus on root cause analysis, using multiple tools such as system event logs, SIEM, IPS/IDS logs, network traffic, the EDR console and client end-point software to determine whether there is an incident.
Respond to security incident and investigation requests in line with established SIRT processes and procedures within defined service level targets.
This position requires shift work in a 24/7/365 environment; for this reason a shift rotation to cover weekend support will be needed.

DETAILED RESPONSIBILITIES:
1. Monitor security alerts and events from various sources such as SIEM systems, IDS/IPS, EDR, and other security tools.
2. Triage alerts as they come in and action them appropriately.
3. Create tickets for necessary tasks that need to be executed by internal/external teams.
4. Respond to common alerts in a consistent and repeatable manner from multiple alerting sources.
5. Identify abnormal security events and trigger the call list / distribution list.
6. Recognize successful cyber intrusions and compromises through log review and analysis of relevant event detail information.
7. Launch and track security investigations to resolution. Recognize cyber-attacks based on their signatures.
8. Differentiate false positives from true intrusion attempts and help remediate / prevent them.
9. Actively investigate the latest security vulnerabilities, advisories, incidents, and penetration techniques and notify the client when appropriate.
10. Perform tasks as identified in the Security Operations Process Manual and runbooks.
11. Investigate and analyze security incidents to identify the root cause and determine the scope of the incident.
12. Develop and implement incident response plans to quickly mitigate any security incidents that occur.
13. Collaborate with other security teams to implement security controls, policies, and procedures to reduce the risk of security incidents.
14. Analyze and assess security incidents and escalate to appropriate internal teams for additional assistance.
15. Develop reports and/or briefings for events/incidents.
16. Conduct systems and tools health checks.
17. Maintain shift logs for all SOC activities conducted during scheduled hours.
18. Should be familiar with handling and mitigating attacks related to viruses, spoofing, hoaxes, and malware.
19. Stay up to date with the latest security trends, threats, and technologies and provide recommendations for security improvements.
20. Excellent verbal and written English communication skills are most important for the role.

SUPERVISORY RESPONSIBILITIES:
None

Job Qualifications

REQUIRED QUALIFICATIONS:
(Please be sure that each of the qualifications listed in this section are truly required to perform the essential functions of the job