|
Work youll do:
- As a SOC L2 Consultant you will support the SOC team as the first line of defense to identify potential information security incidents.
- Monitor client sources of potential security incidents health alerts with monitored solutions and requests for information. This includes the monitoring of real-time channels or dashboards periodic reports email inboxes helpdesk or other ticketing system telephone calls chat sessions.
- Follow client and incident-specific procedures to perform triage of potential security incidents to validate and determine needed mitigation.
- Escalate potential security incidents to client personnel implement countermeasures in response to others and recommend operational improvements.
- Keep accurate incident notes in case management system.
- Maintain awareness of the clients technology architecture known weaknesses the architecture of the security solutions used for monitoring imminent and pervasive threats as identified by client threat intelligence and recent security incidents.
- Provide advanced analysis of the results of the monitoring solutions assess escalated outputs and alerts from Level 1 Analysts.
- Perform web hunting for new patterns/activities.
- Provide end-to-end event analysis incident detection and manage escalations using documented procedures.
- Devise and document new procedures and runbooks/playbooks as directed.
- Assist the Shift Leads and fulfill Shift Lead responsibilities in their absence and maintain monthly SLAs.
- Maintain compliance with processes runbooks templates and procedures-based experience and best practices.
- Provide malware analysis (executables scripts documents) to determine indicators of compromise and create signatures for future detection of similar samples.
- Continuously improve the service by identifying and correcting issues or gaps in knowledge (analysis procedures plays client network models) false positive tuning identifying and recommending new or updated tools content countermeasures scripts plug-ins etc.
- Serve as a subject matter expert in at least one security-related area (e.g. specific malware solution python programming etc.)
- Provide shift status and metric reporting & support weekly operations call.
The team: We aims to combine sophisticated technologies and human intelligence to help the clients monitor detect investigate and respond to known and unknown attacks. We help our clients to be secure vigilant and resilient in the face of an ever-increasing array of cyber threats and vulnerabilities. The team delivers service to clients through following key areas: - Threat detection and response
- Attack surface management
- Threat Intelligence
- Threat Hunting
- Data Protection
Qualifications Must Have Skills/Project Experience/Certifications: - 3 years working in a SOC and/or strong security technology operations experience.
- Certified Information Systems Security Professional (CISSP) Certification in Certified Intrusion Analyst (GIAC) Continuous Monitoring (GMON) Certified Ethical Hacker (CEH) or equivalent.
- Able to work shifts on a rotating basis for 24/7 support of clients.
- Experience in security technologies such as: Security information and event management (SIEM) IDS/IPS Data Loss Prevention (DLP) Proxy Web Application Firewall (WAF) Endpoint detection and response (EDR) Anti-Virus Sandboxing network- and host- based firewalls Threat Intelligence Penetration Testing etc.
- Knowledge of Advanced Persistent Threats (APT) tactics technics and procedures.
- Understanding of possible attack activities such as network probing/ scanning DDOS malicious code activity etc.
- Understanding of common network infrastructure devices such as routers and switches.
- Understanding of basic networking protocols such as TCP/IP DNS HTTP.
- Basic knowledge in system security architecture and security solutions.
Good to Have Skills/Project Experience/Certifications: - Excellent interpersonal and organizational skills.
- Excellent oral and written communication skills.
- Strong analytical and problem-solving skills.
- Self-motivated to improve knowledge and skills.
- A strong desire to understand what as well as the why and the how of security incidents.
|
Work youll do: As a SOC L2 Consultant you will support the SOC team as the first line of defense to identify potential information security incidents. Monitor client sources of potential security incidents health alerts with monitored solutions and requests for information. This includes the m...
|
Work youll do:
- As a SOC L2 Consultant you will support the SOC team as the first line of defense to identify potential information security incidents.
- Monitor client sources of potential security incidents health alerts with monitored solutions and requests for information. This includes the monitoring of real-time channels or dashboards periodic reports email inboxes helpdesk or other ticketing system telephone calls chat sessions.
- Follow client and incident-specific procedures to perform triage of potential security incidents to validate and determine needed mitigation.
- Escalate potential security incidents to client personnel implement countermeasures in response to others and recommend operational improvements.
- Keep accurate incident notes in case management system.
- Maintain awareness of the clients technology architecture known weaknesses the architecture of the security solutions used for monitoring imminent and pervasive threats as identified by client threat intelligence and recent security incidents.
- Provide advanced analysis of the results of the monitoring solutions assess escalated outputs and alerts from Level 1 Analysts.
- Perform web hunting for new patterns/activities.
- Provide end-to-end event analysis incident detection and manage escalations using documented procedures.
- Devise and document new procedures and runbooks/playbooks as directed.
- Assist the Shift Leads and fulfill Shift Lead responsibilities in their absence and maintain monthly SLAs.
- Maintain compliance with processes runbooks templates and procedures-based experience and best practices.
- Provide malware analysis (executables scripts documents) to determine indicators of compromise and create signatures for future detection of similar samples.
- Continuously improve the service by identifying and correcting issues or gaps in knowledge (analysis procedures plays client network models) false positive tuning identifying and recommending new or updated tools content countermeasures scripts plug-ins etc.
- Serve as a subject matter expert in at least one security-related area (e.g. specific malware solution python programming etc.)
- Provide shift status and metric reporting & support weekly operations call.
The team: We aims to combine sophisticated technologies and human intelligence to help the clients monitor detect investigate and respond to known and unknown attacks. We help our clients to be secure vigilant and resilient in the face of an ever-increasing array of cyber threats and vulnerabilities. The team delivers service to clients through following key areas: - Threat detection and response
- Attack surface management
- Threat Intelligence
- Threat Hunting
- Data Protection
Qualifications Must Have Skills/Project Experience/Certifications: - 3 years working in a SOC and/or strong security technology operations experience.
- Certified Information Systems Security Professional (CISSP) Certification in Certified Intrusion Analyst (GIAC) Continuous Monitoring (GMON) Certified Ethical Hacker (CEH) or equivalent.
- Able to work shifts on a rotating basis for 24/7 support of clients.
- Experience in security technologies such as: Security information and event management (SIEM) IDS/IPS Data Loss Prevention (DLP) Proxy Web Application Firewall (WAF) Endpoint detection and response (EDR) Anti-Virus Sandboxing network- and host- based firewalls Threat Intelligence Penetration Testing etc.
- Knowledge of Advanced Persistent Threats (APT) tactics technics and procedures.
- Understanding of possible attack activities such as network probing/ scanning DDOS malicious code activity etc.
- Understanding of common network infrastructure devices such as routers and switches.
- Understanding of basic networking protocols such as TCP/IP DNS HTTP.
- Basic knowledge in system security architecture and security solutions.
Good to Have Skills/Project Experience/Certifications: - Excellent interpersonal and organizational skills.
- Excellent oral and written communication skills.
- Strong analytical and problem-solving skills.
- Self-motivated to improve knowledge and skills.
- A strong desire to understand what as well as the why and the how of security incidents.
|
View more
View less
Job Location:
Monthly Salary:
Posted on:
12 hours ago
Vacancies:
1 Vacancy
