Job Description

Key Responsibilities:

• Assisting clients with monitoring, investigation and response to security incidents.
• Effectively assess security incidents, determine their severity level, and manage response efforts with efficiency and precision.
• Conduct research, analysis, and investigation of security alerts
• Maintain a comprehensive awareness of the current threat landscape, including malware, phishing attacks, and advanced persistent threats (APTs).
• Actively participate in post-incident reviews to identify lessons learned and recommend improvements to processes and technologies.
• Provide feedback and recommendations to enhance detection and response capabilities
• Participate in continuous improvement of security operations processes and toolsets
• Provide guidance and leadership to the team during critical situations, ensuring effective decision-making and response.
• Foster collaboration with cross-functional teams to enhance the overall security posture of the organization.
• Mentor and train junior analysts, sharing knowledge and best practices to strengthen team capabilities.

Requirements:

• Bachelor's degree in Computer Science, Information Technology, or a related field
• Preferably 2+ years of experience in a Security Operations Center (SOC) or related cybersecurity role
• Demonstrated ability to analyze, triage and remediate security incidents.
• Moderate knowledge in SIEM tools such as Splunk, Microsoft Sentinel or similar platforms, along with a solid understanding of various log sources and their functions.
• Moderate knowledge of security related technologies and their functions (Firewall, VPN, IDS/IPS, EDR, WAF, etc.)
• Experience in developing SOC use cases in SIEM to correlate diverse logs, including the creation of new monitoring use case logic and enabling effective investigation of security alerts and incidents.
• Experience in conducting investigations across various environments, including endpoints, networks, web applications, databases, and cloud resources
• Moderate knowledge of current threat landscape (threat actors, APT, cyber-crime, etc.)
• Knowledge of Cyber Threat Intelligence, including the analysis of intelligence alerts, threat hunting, and providing actionable recommendations.