SOC Analyst

1. Security Monitoring and Analysis:

• Monitor security event and incident detection systems, including ArcSight SIEM, IDS/IPS, and other security appliances for potential security incidents.
• Analyze security events and alerts to identify potential threats, vulnerabilities, and suspicious activities.
• Investigate and triage security incidents to determine their severity, impact, and appropriate response actions.

• Execute incident response procedures according to established protocols and best practices.
• Coordinate with internal stakeholders and teams to contain, mitigate, and remediate security incidents in a timely manner.
• Document incident details, investigation findings, and response actions taken for further analysis and reporting.

• Stay abreast of the latest cybersecurity threats, vulnerabilities, and attack techniques through threat intelligence feeds, research publications, and industry forums.
• Utilize threat intelligence to enhance security monitoring, detection capabilities, and incident response strategies.

• Participate in security awareness training and knowledge-sharing sessions to enhance team capabilities and awareness of emerging threats.
• Collaborate with other members of the cybersecurity team and IT departments to improve security controls, processes, and procedures.
• Provide recommendations for enhancing security posture and reducing the organization's exposure to cybersecurity risks.

Requirements

• Bachelor’s degree in computer science, Information Technology, Cybersecurity, or related field.
• Minimum of 1-2 years of experience in a cybersecurity-related role, preferably in a SOC environment.
• Solid understanding of network protocols, operating systems, and security technologies.
• Familiarity with security information and event management (SIEM) tools, intrusion detection/prevention systems (IDS/IPS), and endpoint security solutions.
• Proficiency in analyzing security event logs, packet captures, and other forensic data sources.
• Strong analytical and problem-solving skills with the ability to prioritize and respond to security incidents effectively.
• Excellent communication skills, both written and verbal, with the ability to convey technical information to non-technical stakeholders.
• Relevant industry certifications such as Security+, CEH (Certified Ethical Hacker), or GIAC certifications (GSEC, GCIH, GCIA) are a plus.

Last updated on Feb 22, 2024