Key Responsibilities:
Advanced Monitoring and Analysis: Continuously monitor and analyze security alerts from various security tools (SIEM, IDS/IPS, firewalls, etc.) with a focus on identifying and mitigating advanced threats.
Threat Hunting: Proactively search for and identify undetected threats within the organization’s environment through advanced log analysis, anomaly detection, and behavioral analysis.
Mentorship: Provide guidance and support to entry-level analysts, helping them develop their skills and knowledge in threat detection and incident response.
Documentation and Reporting: Maintain detailed documentation of security incidents, including the analysis, response actions, and post-incident reviews. Prepare reports for senior management and stakeholders.
Continuous Improvement: Contribute to the continuous improvement of SOC processes, tools, and methodologies to enhance the effectiveness and efficiency of the team.
Qualifications:
Education: Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. Relevant certifications (e.g., CompTIA Security+, Certified SOC Analyst, GIAC Certified Incident Handler) are highly desirable.
Experience: 1-3 years of experience in a Security Operations Center (SOC) or a related cybersecurity role, with hands-on experience in incident detection and response.
Technical Skills: Strong understanding of networking, operating systems (Windows, Linux), and cybersecurity concepts. Proficiency with security tools such as SIEM, IDS/IPS, firewalls, and endpoint detection and response (EDR) platforms.
Analytical Skills: Demonstrated ability to analyze complex data sets, identify patterns, and draw meaningful conclusions to detect and respond to threats.
Communication Skills: Excellent verbal and written communication skills, with the ability to effectively convey technical information to both technical and non-technical audiences.
Problem-Solving: Strong critical thinking and problem-solving abilities, with the capability to manage multiple tasks and prioritize effectively.
Team Collaboration: Ability to work effectively as part of a team, as well as independently, with a strong sense of accountability and ownership.
Preferred Qualifications:
Certifications: GIAC Certified Incident Handler (GCIH), Certified Ethical Hacker (CEH), or other relevant cybersecurity certifications.
Experience: Proven experience in threat hunting, incident response, and the integration of threat intelligence in a SOC environment.
Tools Proficiency: Experience with Security Information and Event Management (SIEM) platforms, Endpoint Detection and Response (EDR) software, and incident management ticketing systems.