IT Security Operation Center (SOC) - L2 (IT Consulting)

We are assisting one of our clients, an IT Consulting company, and they are currently looking for IT Security Operation Center (SOC) - L2.

Job Descriptions:

1. Incident Response and Investigation:
   • Perform in-depth investigations of security incidents, analyzing security alerts, and developing incident reports.
   • Analyze security events from various sources, including SIEM (Security Information and Event Management) tools, intrusion detection systems, firewalls, and antivirus software.
2. Threat Detection and Analysis:
   • Identify and classify security threats based on their severity and potential impact on the organization.
   • Monitor and respond to real-time security alerts, escalating incidents to higher-level analysts or management as necessary.
3. Security Tool Management:
   • Manage and fine-tune security monitoring tools to enhance detection capabilities.
   • Assist in creating and updating playbooks for incident response and threat hunting.
4. Collaboration and Communication:
   • Work with cross-functional teams, including IT, development, and compliance, to ensure a cohesive approach to security.
   • Communicate findings, risks, and recommendations to stakeholders clearly and effectively.
5. Documentation and Reporting:
   • Maintain detailed documentation of security incidents, responses, and the overall security posture of the organization.
   • Contribute to regular security reports and metrics for management reviews.
6. Continuous Improvement:
   • Stay updated on the latest cybersecurity trends, threats, and best practices.
   • Participate in training and professional development opportunities to enhance skill sets and knowledge.

Requirements:

1. Minimum 2 years of experience in Cyber security/SOC.
2. Proficient in Incident Management and Response.
3. In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc.
4. Responsible for working in a 24x7 Security Operation Centre (SOC) environment.
5. Provide analysis and trending of security log data from a large number of heterogeneous security devices.
6. Analyze and respond to previously undisclosed software and hardware vulnerabilities.
7. Investigate, document, and report on information security issues and emerging trends.
8. Integrate and share information with other analysts and teams.
9. Knowledge of various operating system flavors including but not limited to Windows, Linux, and Unix.
10. Experience operating SIEM Dashboard, Use Case, and Policy related to alerts/issues/vulnerabilities and other security issues.
11. Experience creating knowledge base/Playbook/Guideline for investigation processes and SOC activities.
12. Communicate effectively with customers.
13. Knowledge about various tools like SIEM, Packet Analysis, HIPS/NIPS, Service Now Ticketing Toolset, Web Security, AV, UBEA, Advanced SOC.