SOC Analyst

Participating in 24 x 7 x 365 coverage for event monitoring and incident detection and supports preliminary incident response where appropriate. Analyzing output from various technologies to effectively identify anomalous events and investigative security incidents.Responsibilities Use SIEM solution effectively to monitor day to day notable events. Handle any other kind of forwarded security incidents from different teams. Triage alerts as they come in and action appropriately. Responsible for triage of alerts, Phishing attempts, and AV Alerts … etc. Respond to common alerts in a consistent and repeatable manner from multiple alerting sources. Escalate unknown alerts to Level 2. Prepare and share shift/incident reports.Requirements From 2 to 3 years of experience Strong knowledge of networking concepts, operating systems (e.g., Windows, Linux), and common security technologies (e.g., firewalls, IDS/IPS, SIEM). Familiarity with security tools such as vulnerability scanners, packet analyzers Understanding of cybersecurity frameworks and best practices (e.g., NIST Cybersecurity Framework). Basics on Cyber Security Cyber Attacks, Virus, Malware Analysis, Phishing Analysis. Familiarity with incident response methodologies and tools. Understanding of security incident handling processes, including incident triage, containment, eradication, and recovery. Ability to analyze security events, identify indicators of compromise (IOCs), and perform basic forensic analysis. Concepts in CEH, OWASP top 10. Vulnerability Management, SIEM and different SIEM technologies. Strong understanding of Windows, Linux / Unix, network troubleshooting analysis and current security threats. Understanding of network protocols, traffic analysis, and the ability to detect suspicious activities or anomalies.