Hiring: SOC Analyst
Job description
- Support or contribute to the different levels of the incident response process in case of confirmed incidents
- Support and contribute to the execution of incident simulation exercises for validation and improvement of the overall incident response capabilities
- Help us create useful alerts from events
- Operate and optimize security processes and tools
- Develop incident response playbooks
- Handling security incidents/alerts, investigating the root cause in collaboration with other Security teams, establishing corrective controls, and minimizing the impact
- Investigate breaches, gather evidence, and analyze data
- Correlate actionable security events from various log sources and Threat Intelligence (TI)
- Maintain and enhance our security monitoring toolkit (SIEM, sensors, etc.)
- Create, improve, and implement security detection techniques within our SIEM
- Help us identify malicious activities within our network, which our current toolset might not cover
- Work as part of a team to deploy and maintain secure and reliable network architecture as well as server/system security best practices
- Build security tooling and automation for internal use that enables the Security Department to operate at high speed and wide-scale
- Participate in team problem-solving efforts and offer ideas to solve the issues
- Advise and support the company in all security-related matters
Required Qualifications:
- Familiar with different attacks on different layers of standard TCP / IP model
- Proficient in SIEM and Log Analysis tools like Splunk
- Proficiency in writing regular expressions
- Ability to use scripting to automate Security Operations Center processes
- Ability to analyze security incidents
- Proficient in incident handling and incident response
- Ability to perform multiple tasks (multi-tasking)
- Self-study capability and morality
- Ability to perform under stressful situations
- Ability to provide creative solutions
- Proficient in designing template documentation and technical reports
- Sufficient teamwork experience
- At least 1 year of experience in cyber security
Required skills
- soc
- siem
- Splunk
- tcp/ip
Minimum work experience
- Three to six years
Gender
- Not important
Military service status
- Not important