The SOC Level 2 analyst is in charge of security monitoring and threat and vulnerability watch.
The core of the role is to perform initial incident triage and to investigate detected behaviours in depth when the monitoring platform raises an incident.
The analyst conducts event investigations, handles the security incidents detected by the service and leads in-depth analysis of those incidents.
The Cyber Defense Analyst (CDA) will work within continuous security operations monitoring as part of the holistic Cyber Defense team.
Specific Assignments:
Perform real-time status monitoring of security equipment (IDS, IPS, Firewalls, etc.) and systems (servers, clients, etc.) using various tools (e.g., SIEM) to identify potential security incidents, threats, and vulnerabilities.
Investigate detected behaviours in depth when an incident is escalated or detected by the monitoring platform.
Perform initial incident triage to support event investigation.
Integrate and share information with other analysts and other teams.
Participate in crisis management by providing support to the incident handler and the SOC Level 3 analysts.
Add context to the incident to understand the behaviour, analysing data from multiple tools and data sources.
Track trends for metrics and reporting.
Create reports and visualizations of security attacks.
Work to reduce false positives.
Maintain the detection rule database.
Perform troubleshooting and problem resolution on security equipment and systems.
Appropriately represent cybersecurity on cross-functional IT project teams.
Support a 24x7 Security Operation Center (SOC) environment.
Work independently to perform analyses and investigations.
Evolution:
The CDA has the primary network and host-based knowledge to determine which alerts require immediate attention and which may be more safely deprioritized or ignored. The role is responsible for documenting and closing deprioritized alerts while performing primary enrichment for alerts to be escalated. The candidate should be capable of clear communication.
Required
Strong time management skills with the ability to multitask.
With proven experience in the field of cyber defence, you have a thorough knowledge of attack methods and of the functions of security equipment. You possess an information security and operationally oriented mindset.
Willingness to work overtime and adjust to reasonable demands from management in case of critical incidents
You are comfortable with IDS, SIEM, log management and vulnerability scanning technologies.
Must have an understanding of cybersecurity controls, IPS/IDS, firewalls, content filtering technology, DLP, configuration management and monitoring, endpoint protection, database security, and log collection and analysis.
Working knowledge of security-relevant data, including network protocols, ports, and standard services, such as TCP/IP network protocols and application layer protocols (e.g., HTTP/S, DNS, FTP, SMTP, Active Directory)
Able to multitask and give equal and required attention to a variety of functions while under pressure
Must be able to communicate technical details clearly
Team player with the ability to work autonomously
Rigorous and respectful of the process. Strong attention to detail.
Autonomous and self-organized
Minimum Qualifications
3 to 5 years of experience working in the information technology space
Demonstrated understanding of the technologies used in cyber security, including Managed Detection and Response, NextGen Firewalls, IDS/IPS, SIEM Solutions, SOAR, Cloud Security, End Point Security, Vulnerability Services
Certifications highly preferred:
GSEC, GSOC, GCED