استخدام کارشناس تحلیلگر امنیت (SOC)
شرح موقعیت شغلی
Description of the Role
Monitor and analyze logs and events daily, to determine whether any events could constitute a genuine security incident.
Performing security monitoring, reviewing, investigating and reporting the events generated by the SIEM
Follow-ups the process of requests for the incident
Part of security incident response team to handle important security incidents/alerts, investigate the root cause in collaboration with other Security teams, establish corrective controls and minimize the impact.
To research and incorporate the latest international trends in security operation management.
Documentation of SOC output (pen test reports, vulnerability assessment reports, and incident response reports)
Create queries, dashboards, and visualizations to support customer requirements and monitoring of SIEM systems
Required Candidate Profile
• Sufficient knowledge about Network Security Concepts.
• Sufficient knowledge about attack methods
• Sufficient knowledge about threats & threat modeling
• Sufficient knowledge of SIEM tools.
• Ability to analyze raw log files and packet captures.
• Ability to understand network defense principles and common attack vectors.
• Experience with threat Hunting
Experience with Intelligence
• Experience with IOC Enrichment and Analysis
• Continuously assess and document/log security efforts throughout the organization
• Sufficient work experience in vulnerability scanning, assessment, and penetration testing and reporting.
• Knowledge of security test standards such as SANS, OWASP, etc.
• Sufficient knowledge about hardening for different types of infrastructures.
• Familiar with Standards and Frameworks of Information Security such as ISO 27000.
• Familiar with common standards and best practices implemented in Information Security Management and Cyber Resilience, like ISO/NIST/PCI.
• Conduct in-depth audits and risk assessments
• High integrity, responsibility, honesty and professionalism.
• A demonstrated knowledge of security protocols and technologies, IT security controls associated with firewalls, email, web, endpoints, operating systems, IPS/IDS, cryptography, networks etc.
• Continuously learn new technologies and keep up to date with the latest security trends
Preferred:
• At least 3 years experience in network and information security
• Information Security certifications (Security+, CCNA Security, CCNP Security, LPIC1, 2, ISO 27001:2013 Lead Auditor, CEH,CHFI, ECIH, PCI-DSS) are considered as a plus.
• Strong communication skills.
• Participate in project development, implementation, and training
• Excellent problem solving skills -Strong communication skills
• Hands-on team working experience.
• Good documentation skills
• Good Knowledge of English.
* Experience in the field of banking is an advantage
Monitor and analyze logs and events daily, to determine whether any events could constitute a genuine security incident.
Performing security monitoring, reviewing, investigating and reporting the events generated by the SIEM
Follow-ups the process of requests for the incident
Part of security incident response team to handle important security incidents/alerts, investigate the root cause in collaboration with other Security teams, establish corrective controls and minimize the impact.
To research and incorporate the latest international trends in security operation management.
Documentation of SOC output (pen test reports, vulnerability assessment reports, and incident response reports)
Create queries, dashboards, and visualizations to support customer requirements and monitoring of SIEM systems
Required Candidate Profile
• Sufficient knowledge about Network Security Concepts.
• Sufficient knowledge about attack methods
• Sufficient knowledge about threats & threat modeling
• Sufficient knowledge of SIEM tools.
• Ability to analyze raw log files and packet captures.
• Ability to understand network defense principles and common attack vectors.
• Experience with threat Hunting
Experience with Intelligence
• Experience with IOC Enrichment and Analysis
• Continuously assess and document/log security efforts throughout the organization
• Sufficient work experience in vulnerability scanning, assessment, and penetration testing and reporting.
• Knowledge of security test standards such as SANS, OWASP, etc.
• Sufficient knowledge about hardening for different types of infrastructures.
• Familiar with Standards and Frameworks of Information Security such as ISO 27000.
• Familiar with common standards and best practices implemented in Information Security Management and Cyber Resilience, like ISO/NIST/PCI.
• Conduct in-depth audits and risk assessments
• High integrity, responsibility, honesty and professionalism.
• A demonstrated knowledge of security protocols and technologies, IT security controls associated with firewalls, email, web, endpoints, operating systems, IPS/IDS, cryptography, networks etc.
• Continuously learn new technologies and keep up to date with the latest security trends
Preferred:
• At least 3 years experience in network and information security
• Information Security certifications (Security+, CCNA Security, CCNP Security, LPIC1, 2, ISO 27001:2013 Lead Auditor, CEH,CHFI, ECIH, PCI-DSS) are considered as a plus.
• Strong communication skills.
• Participate in project development, implementation, and training
• Excellent problem solving skills -Strong communication skills
• Hands-on team working experience.
• Good documentation skills
• Good Knowledge of English.
* Experience in the field of banking is an advantage
مهارتهای مورد نیاز
- امنیت اطلاعات
- siem
- soc
- Network Security
حداقل سابقه کار
- کمتر از سه سال
جنسیت
- مهم نیست
وضعیت نظام وظیفه
- معافیت تحصیلی معافیت دائم پایان خدمت