Job Description
Responsible for monitoring computer security events according to documented procedures and industry best practices. Serves as the first line of defense in protecting the organization's information systems from internal and external threats. Works closely with other teams to assess risk and provide recommendations for improving the security posture.
- Monitor security events received as alerts from the SIEM and other security tools.
- Maintain records of security monitoring and incident response activities using case management and ticketing tools.
- Recognize potential, successful, and unsuccessful intrusion attempts and compromises through review and analysis of relevant event detail and summary information.
- Generate end-of-shift reports for documentation and knowledge transfer to the analysts on the next shift.
- Review alerts escalated by end users.
- Maintain the assigned ticket queue.
Job Requirements
- Excellent communication skills.
- Solid technical knowledge of TCP/IP and networking.
- Good knowledge of SIEM monitoring (preferably Splunk).
- Good knowledge of IDS/IPS systems.
- Good knowledge of threat intelligence and defensive mechanisms.
- Good knowledge of vulnerability assessment.
- Good knowledge of incident response.
- Good reporting skills.
- Preferred qualifications:
- Desirable certifications include, but are not limited to: CompTIA Security+, CCNA, SANS GSEC, GCIH, GCIA, CEH, ECIH, etc.