Participating in 24 x 7 x 365 coverage for event monitoring and incident detection and supports preliminary incident response where appropriate. Analyzing output from various technologies to effectively identify anomalous events and investigative security incidents, and have a strong knowledge in threat hunting, threat intelligence and malware analysis.


RESPONSIBILITIES

• Actively hunt for potential threats by monitoring and analyzing alerts from our SIEM, EDR, and other security platforms to identify anomalous activity.
• Review daily shift report sent from SOC L1
• Create weekly, monthly, quarterly reports
• Handle security incident lifecycle starting from analysis and investigation to containment and eradication.
• Perform detailed log analysis across our entire environment to uncover the root cause and scope of security incidents.
• Integrate the latest threat intelligence on vulnerabilities and attacker tactics into our monitoring and hunting activities to proactively strengthen our defenses.
• Enhance SOC view by integrating missed log sources and feed it into our SOC tools to enhance detection and investigation.
• Document all incident investigation steps, actions taken, and lessons learned to build a knowledge base and support continuous improvement.
  
  
  

REQUIREMENTS

• Bachelor’s degree in communication engineering or computer science
• 3-5 years of experience in SOC
• Strong knowledge of networking concepts, operating systems and common security technologies
• Understanding network protocols, traffic analysis, and the ability to detect suspicious activities or anomalies.
• Strong Knowledge of SEIM, EDR, SOAR, Antivirus.
• Strong Knowledge in incident handling, OWASP top 10, Miter-attack
• Advanced Knowledge in Cyber Security Cyber Attacks, Virus, Malware Analysis, Phishing Analysis.
• Experience with security incident handling processes, including incident triage, containment, eradication, and recovery.
• Proficiency in threat hunting and threat intelligence tools and platforms, as well as data analysis tools
• Ability to analyze security events, identify indicators of compromise (IOCs), and perform basic forensic analysis.
• Certifications Such as GSEC, GCIH, GCFA, GCFE.
• Excellent communication, analytical and report-writing abilities