Incident Triage: Assessing incoming security alerts and determining the appropriate response based on the severity and nature of the threat. This includes prioritizing incidents that require immediate attention.
Investigation: Conducting in-depth analysis of escalated security incidents, utilizing various tools and methodologies to uncover the root causes and potential impacts.
Containment and Remediation: Implementing strategies to contain and remediate security incidents, working collaboratively with IT and other relevant departments to restore normal operations swiftly.
Threat Hunting and Intelligence
Threat Intelligence Integration: Utilizing threat intelligence feeds to stay updated on the latest threats and vulnerabilities and incorporating this intelligence into the organization's security framework.
Security Monitoring and Analysis
Continuous Monitoring: Overseeing security systems and alerts to detect unusual activity. This involves using Security Information and Event Management (SIEM) tools to correlate and analyze data from various sources.
Alert Analysis: Reviewing and investigating alerts generated by security tools to determine their legitimacy and potential impact on the organization.
Collaboration and Communication
Cross-Department Coordination: Working closely with other teams, such as IT, compliance, and risk management, to ensure a unified approach to cybersecurity. This may involve sharing insights on vulnerabilities or collaborating on incident response efforts.
Documentation and Reporting: Creating detailed reports on security incidents, investigations, and remediation efforts. These reports are essential for informing stakeholders and guiding future security strategies.
Process Improvement: Identifying areas for improvement within the SOC's incident response procedures and recommending enhancements to current practices based on lessons learned from past incidents.
Training and Mentorship: Providing guidance and support to Level 1 Analysts, fostering an environment of continuous learning and skill development within the SOC team.
Required Qualifications
Educational Background: A degree or diploma in Computer Science, Information Technology or Cybersecurity, a National Senior Certificate, or a related qualification.
Knowledge of Security Information and Event Management (SIEM) tools.
Familiarity with tools such as Nmap, MXToolbox and DNSChecker.
Knowledge of network protocols and cybersecurity principles.
Scripting and programming skills.
Signature-Based Detection: Understanding how to interpret alerts generated from known threat signatures.
Anomaly-Based Detection: Ability to recognize unusual patterns that may indicate a potential security breach.
Understanding Protocols: A solid grasp of key network protocols (e.g., TCP/IP, HTTP, DNS) is crucial for analyzing traffic and identifying vulnerabilities.
Network Architecture Knowledge: Familiarity with network layouts, including firewalls, routers, and switches, aids in pinpointing security weaknesses.
Threat Intelligence Analysis: The ability to interpret threat intelligence feeds and integrate relevant information into incident response strategies.
Open-Source Intelligence (OSINT): Skills in gathering and analyzing publicly available information to identify potential threats or vulnerabilities.
Soft Skills: Strong analytical and problem-solving abilities. Good communication skills to effectively report findings and collaborate with team members.
Experience: 3 to 5 years in a SOC environment. Prior work in IT or cybersecurity is beneficial.
Job Details
Job type: One-year contract, renewable.
Seniority level: Mid-Senior level
Employment type: Contract
Job function: Information Technology
Industries: Technology, Information and Internet