SOC Analyst

Job Description

We need an experienced SOC/CSIRT Analyst (Tier I) to be a member of Security Operations Centre and actively monitor security threats and risks, provide in-depth incident analysis, evaluate security incidents and will provide proactive threat research. The SOC/CSIRT Analyst will utilize the latest in security technology and be on the fore-front of incident response.

Required Skills and Qualifications

• Knowledge in information security controls such as Firewalls, IDS/IPS, WAF, proxy, routers.
• Understanding of common network services (web, mail, FTP, etc), network vulnerabilities, and network attack patterns a must.
• A strong passion for Information Security and the will to learn new things.
• At least one certification in the field of information technology from a respectable security organization.
• Candidate must be willing to work in shifts of 9 hours (one shift per day) either morning shift or night shift, 5 days a week (Mon – Fri).
• Candidate must be able to travel by car when no public transportation is available.
• Fluent verbal and written English.

Responsibilities

• Implementing proper Incident Handling procedures.
• Understanding of information security policies and doctrine, ability to draft, modify and create SOP for use of other team members.
• Recognizing vulnerabilities and publicly known attack traffic patterns.
• Evaluating and determine if/when information security violations have occurred.
• Demonstrate in-depth knowledge of security threats.
• Demonstrate expertise in correlation analysis, along with an understanding of monitoring programs, such as QRadar/Splunk/Arcsight.
• Maintaining and developing an understanding of malware and forensic analysis.
• Coordinating response efforts with various departments within the organization in a cooperative and beneficial manner.
• Maintaining situational awareness reports for advanced threats such as Advanced Persistent Threat (APT) and Focused Operations (FO) incidents.