Job Description
- Build and develop the Security Operations Center (SOC) and sustain its growth to achieve corporate objectives.
- Create a positive, creative and dynamic team culture that directly contributes to effective SOC operations.
- Oversee the daily operations of the SOC; lead, coach and develop SOC analysts across all tiers.
- Be accountable and responsible for SOC activities, performance and deliverables.
- Develop and deliver technology and process improvements that keep the SOC operationally ready for incident response, and report on them to ensure an appropriate level of service.
- Understand the implementation of new information security technologies and lead the integration of new tools into operations.
- Manage security monitoring and incident response for cyber security events in the SOC.
- Oversee the SOC team's response to cyber security tickets, and provide analysis and trending of security log data from security devices and security tool portals.
- Oversee the monitoring and analysis of Security Information and Event Management (SIEM) alerts to identify security issues for remediation and to investigate events and incidents.
- Drive the operationalization of emerging threat intelligence (IOCs, updated detection rules, etc.) to identify affected systems and the scope of an attack.
- Perform proactive threat hunting to detect incidents.
- Define protocols and mature playbooks for operational response to cyber threats.
- Tune detection rules and thresholds to improve alert fidelity.
- Prepare analysis reports and results, and brief the CISO on them.
- Provide incident response support when analysis confirms an actionable incident.
- Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring.
- Work collaboratively with other cyber security teams and business units.
- Lead SOC analysts during incident response actions; advise and coordinate with leadership during active incidents.
- Identify, evaluate, develop and report SOC metrics via dashboards and/or reports.
- Develop, lead and present relevant cyber security tabletop exercises and incident drills for SOC staff and relevant stakeholder groups, in order to identify process improvement opportunities.
Technical Skills:
- Solid knowledge of TCP/IP protocols.
- Deep packet and log analysis.
- Knowledge of Windows and Linux operating systems.
- Knowledge of network security technologies (firewalls, IDS/IPS, WAF, antivirus, etc.).
- Solid knowledge of SIEM technologies (LogRhythm, QRadar, Splunk, NetWitness, etc.).
- Good knowledge of threat intelligence.
- Experience as a Senior Security Analyst leading a team.
- Experience with Security Operations Centers, network event analysis and threat analysis.
- Experience working as an Incident Responder.
- Knowledge of various security methodologies and technical security solutions.
- Experience analyzing data from cyber security monitoring tools.
- Ability to analyze endpoint, network and application logs.
- Experience tuning and/or configuring SIEM and vulnerability management tools.
- Knowledge of common Internet protocols and applications.
- Scripting experience (Linux shell or PowerShell) preferred.
Job Requirements
- 4-6 years of experience.
- Proficient in incident management and response.
- Experience in security device management and SIEM.
- Knowledge of security concepts such as cyber attacks and techniques, threat vectors, risk management and incident management.
- Experience in threat management.
- Knowledge of various operating systems, including but not limited to Windows, Linux and Unix.
- Knowledge of applications, databases and middleware, in order to address security threats against them.
- Proficient in preparing reports, dashboards and documentation.
- Excellent communication, analytical, problem-solving and interpersonal skills.