CSOC Level 2 Analyst (Enterprise IT):
Experience:
4-6 years
Expertise:
Well-versed in Microsoft Security Products, including MS Defender for Endpoint, Cloud, Identity, AV and MS Sentinel.
Knowledge of Incident Response frameworks (NIST, MITRE ATT&CK, Cyber Kill Chain).
C-SOC Level 2 Analysts are responsible for advanced incident response activities, comprehensive log analysis and detailed incident reporting.
Skilled in utilizing tools to enhance the efficiency of Incident Response within a SOC.
Experience with THOR Scanner, VMRay and Recorded Future Sandbox is a plus.
Knowledgeable in Application, Cloud and Infrastructure security, including Firewalls, Proxies and Web Application Firewalls (WAF).
Must be willing to provide support and be flexible to work in 24/7 rotational shifts including weekends.
Technical Knowledge:
Proficient in using advanced tools to detect and analyze sophisticated threats.
Capable of conducting in-depth technical analyses of incidents, providing detailed technical information.
Experienced in documenting and analyzing incident timelines and events.
Skilled in reviewing and analyzing user access logs to identify unauthorized or suspicious activities.
Proficient in analyzing email logs to trace phishing attacks, spoofed messages and other email-related threats.
Expertise in using SIEM (Security Information and Event Management) systems, IDS/IPS (Intrusion Detection/Prevention Systems) and other security monitoring tools.
Experienced in using sandbox environments to safely analyze and understand malware behaviour.
Able to provide technical feedback to internal security teams.
Strong analytical skills to interpret complex datasets and identify patterns indicative of security threats.
Support mail security during incidents by collaborating with L3-Mail-Security and Mail Teams to address issues such as spoofed messages and other email threats.
Skilled in refining and tuning alerting systems based on insights from incident investigations to reduce false positives and enhance detection capabilities.
Responsible for maintaining and managing the SOC Knowledgebase, including playbooks, processes and contacts.
Collaborate with the Cyber Incident Response (CIR) Service for activation and incident management.