Hiring: SOC analyst (Tier 2 and 3)
Job description
Responsibilities
· Perform investigations, threat hunting and work cases as needed
· Act as an escalation point for Tier 1
· Communicate with IT staff regarding security related incidents
· Assist in threat signature implementation and tuning
· Define and mature ‘playbooks’ for response to cyber threats
· Provide teaching/mentoring to junior analyst team members
· Participate and lead SOC training efforts
· Implement and maintain Splunk platform infrastructure and configuration
· Design and optimize Splunk platform architecture for large-scale and distributed deployments
· Customize queries
· Promote advanced searching, forensics, and analytics
· Deliver creative solutions to complex problems
· Additional responsibilities and tasks assigned by SOC management
Skills
· Willingness to learn, adapt, and innovate
· Critical thinking and analytical skills
· Excellent written and oral communications skills
· Great interpersonal and teamwork skills
· Windows or *nix systems administration
· Familiarity with common infrastructure technologies
· Networking background
· Strong understanding of Splunk platform configuration, web UI and Common Information Model
· Experience with advanced Splunk Search Processing Language (SPL)
Requirements
· 2-4 years' experience in Security Operations or a similar role
· Experience with log management, SIEM, and endpoint protection
· "On-call" availability (Some nights, weekends, and holidays)
Competitive Applicants Will Have
· Experience in a Managed Services role
· Experience as an incident responder
· Threat hunting experience
· Experience with tools and technologies such as Belkasoft Evidence Center, Velociraptor, Sysmon, osquery, and MISP
· Working knowledge of industry best practices such as PCI-DSS and NIST
Required skills
- SOC
- Analysis
- SIEM
Minimum work experience
- Three to six years
Gender
- Not important
Military service status
- Permanent exemption or service completed