SOC Analyst

Responsibilities:

• Operate the SOC to monitor and react on and security alert and potential security incident
• Take reactive and proactive actions against cyber-threats and incidents
• Maintain and enhance SOC security systems such as the SIEM, the Threat Intelligence Platform system, the Network Traffic Analysis tool, Forensics tools, PT simulations etc. to always own a complete defense visibility and to continuously align it with new attack vectors and techniques
• Handle SIEM alerts and document actions and response as well as track remediation actions.
• Perform threat hunting
• Design and write code to support SIEM and respective systems rules creation, reports and dashboards, playbook definitions and development, interfaces development etc.
• Research, simulate and run penetration tests using publicly available and proprietary tools
• According to need; lead security projects/activities with other security and R&D groups
• Develop and maintain lab environment to assess new security threats.

Requirements:

• Minimum Bachelor’s degree in Computer Science, Computer Engineering, Electrical & Electronics Engineering, Information Technology and/or its equivalent; Master’s degree in the above preferred
• Certification in one or more of the following: Network+, Cisco CCNA, Security+, CISM, CISSP, CEH
• 2+ years experience working in IT Security
• Able to manage, update and practice Incident Response Plan
• Experience with SIEM Log management tools
• Experience with Next-Gen Antivirus management and EDR tools
• Experience with open source and commercial forensic tools
• Experience with vulnerability assessments
• Excellent understanding and proven hands-on experience with a SIEM system (defining and building correlation, aggregation, normalization and parsing)
• Strong understanding of security principles, policies and industry best practices
• Networking knowledge – understand networking essentials, components, data flows, architecture, ports and protocols, etc.
• General operating system knowledge– Solid understanding and practical experience in various flavors of Windows and Linux, OS configuration, filesystem structures, OS components, mobile operating systems etc.
• Scripting/coding experience (Python, Perl, Ruby, Bash, PowerShell, .NET, HTML5, PHP etc.) for developing, extending or modifying exploits, shellcode or exploit tools
• Hands-on experience in static and dynamic malware analysis
• Excellent problem solving/analytical skills
• Excellent communication and interpersonal skills
• Ability to work in a multi-tasking environment
• The job requires high availability and very high attention to detail