Alert Triage: Investigate and analyze security alerts generated by Splunk, ensuring accurate identification of security incidents.
Alert Refinement: Fine-tune and optimize alerting rules to reduce noise, ensuring a more focused and efficient detection process, leading to enhanced accuracy and responsiveness in the SOC.
SIEM Monitoring: Create and Monitor Splunk dashboards and alerts to detect and respond to security events in real-time.
SIEM Optimization/Maintenance: Optimize SIEM architecture and infrastructure. Establish monitoring and maintenance processes.
Threat Hunting: Independently and proactively identify and investigate advanced threats by utilizing threat intelligence, anomaly detection, and advanced analytics in Splunk and other tools in order to hunt threats and create accurate detection rules.
Playbook Development and Triage Enhancement: Design, create, and maintain playbooks for security alerts, refining the triage process for SOC analysts to streamline incident response and improve overall efficiency.
Incident Response: Lead and coordinate advanced incident response activities, including analyzing and mitigating sophisticated security incidents.
Incident Documentation: Document and maintain detailed incident reports, including the analysis, actions taken, and recommendations for improvement.
EDR and XDR Administration: Optimize and fine-tune EDR and XDR configuration and policies to detect and respond to advanced
Qualifications:
· Bachelor's degree in Cybersecurity, Information Technology, or a related field. Minimum of 5 years of experience in a SOC environment.
· Advanced knowledge of Splunk and SPL.
· Deep understanding of attacker TTPs.
· Strong understanding of threat hunting techniques and threat intelligence.
· Familiar with malware analysis methodologies.
· Automation and scripting knowledge.
· Good communication and collaboration skills.
· Relevant certifications are a plus.
· Ability to work with other security tools, including security assessment tools, endpoint protection, EDR, and WAF.
About the company
Tapsi is an online transportation business with 20 million users in more than 28 cities across Iran. It has brought together more than 1000 people throughout the country, and it grows bigger every day.
We are a team that believes we can change our country, our economy, and even our society for the better. A team that sees its positive impact on other people's lives as the source of energy for its challenging daily work, and that is always looking for opportunities to make a change. Tapsi is a place for growth and learning, and progress here never stops. This is where you outdo yourself!