Investigates detected behaviors in depth when an incident has occurred
Adds context to the incident to understand the behavior, analyzing data from multiple tools and data sources
Creates reports and visualizations of security attacks
Tracks trends for metrics and reporting
Works on reducing false positives
Maintains the detection rules database
Leads and participates in the continuous improvement of the service (detection level, processes, operational procedures, service efficiency, service reporting)
Deals with the security incidents detected by the service and leads in-depth analysis of these incidents
Tier 2 SOC Analysts are also responsible for researching, responding to, and creating tickets within the ticketing system.
Tier 2 Analysts are responsible for:
Determining service impact of security events.
Alerting customers to possible malicious activity.
Working tickets via ticketing system.
Creating tickets for various needs of the SOC.
Researching and collecting data on events of interest.
Engaging the support of the Network Operations Center (NOC), Network Engineers and/or the CSIRT (Computer Security Incident Response Team) when necessary.
Three (3) to five (5) years of Security Incident Response, Security Operations Center, and/or threat analysis experience.
Demonstrated experience using enterprise and/or cloud SIEM technologies as an analyst.
Ability to support and work across multiple customer and bespoke systems.
Receive and analyze security alerts from various sources within the enterprise and determine possible causes of such alerts.
Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities.
Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).
Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave.
false positive, or contact customer as needed.
Required Skills:
Rigorous and respectful of process; strong attention to detail
Strong time management skills with the ability to multitask
Information security and operations oriented mindset
Knowledge of intrusion and information system corruption techniques
Knowledge of security policies for information systems
Autonomous and self-organized
Analysis and synthesis skills
Communication and oral expression skills
Company Introduction
Soshyant Technology Development Holding began operating in 1392 (Solar Hijri calendar) with the goal of creating the infrastructure needed by the fintech ecosystem.
Over these years, our goal and vision have always been to create platforms that make processes in the fintech and financial markets domains easier.
The products of Soshyant Holding are:
Farabixo (فارابیکسو): an online trading platform for the stock market
Saadi (سعدی): the first system for selling Justice Shares (سهام عدالت)
Jibimo (جیبیمو): a wallet and payment gateway
Sadtahlil (صدتحلیل): the first social trading platform in Iran