As a Tier 2 SOC Analyst, you and the team will be responsible for staffing a 24x7x365 coordination center and responding to alerts, notifications and communications, and for providing incident response activities such as tracking the incident, communicating with stakeholders, carrying out remediation and recovery actions, and reporting. Ensure reports are properly entered into the incident tracking system.
**Job Description**:
Act as the main investigator for potential incidents identified by Tier 1 analysts.
- Define protocols and mature ‘playbooks’ of operational response to cyber threats
- Work within the playbooks as defined
- Operate autonomously to further investigate and escalate in accordance with protocols and SLAs
- Participate in SOC working groups
- Collaborate across organizational lines and develop depth in your desired cyber discipline and/or technologies
- Provide coaching / mentoring to SOC Tier 1 Analysts
- Maintain, refine and develop use cases
- Support cyber defense functions to protect our customers from cyber security incidents that have the potential to cause negative impact
- Perform incident intake, ticket updates and reporting of cyber events
**Technical Skills**:
- Solid knowledge of TCP/IP protocols
- Deep packet and log analysis
- Knowledge of Windows and Linux operating systems
- Knowledge of network security technologies (firewalls, IDS/IPS, WAF, antivirus, etc.)
- Solid knowledge of SIEM technologies (LogRhythm, QRadar, Splunk, etc.)
- Good knowledge of threat intelligence
- Knowledge of threat hunting
- Solid knowledge of incident handling
- Solid knowledge of cyber attacks
- Strong understanding of security concepts, best practices and tools
**Job Qualifications**:
- Bachelor’s degree in Engineering or Computer Science
- 3-4 years of relevant experience required
- Security or relevant IT certification is a plus
- Possesses good analytical skills
- Good communication skills
- Inquisitive