
Job opening: SOC Senior Analyst

Tapsi | TAPSI
Tehran, Tehran

Job description

Responsibilities:

Alert Triage: Investigate and analyze security alerts generated by Splunk, ensuring that genuine security incidents are identified accurately.

Alert Refinement: Fine-tune and optimize alerting rules to reduce noise, so that detection is more focused and efficient and the SOC gains accuracy and responsiveness.

SIEM Monitoring: Create and monitor Splunk dashboards and alerts to detect and respond to security events in real time.

SIEM Optimization and Maintenance: Optimize the SIEM architecture and infrastructure, and establish monitoring and maintenance processes.

Threat Hunting: Independently and proactively identify and investigate advanced threats using threat intelligence, anomaly detection, and advanced analytics in Splunk and other tools, and turn hunt findings into accurate detection rules.

Playbook Development and Triage Enhancement: Design, create, and maintain playbooks for security alerts, refining the triage process for SOC analysts to streamline incident response and improve overall efficiency.

Incident Response: Lead and coordinate advanced incident response activities, including analyzing and mitigating sophisticated security incidents.

Incident Documentation: Document and maintain detailed incident reports, including the analysis, actions taken, and recommendations for improvement.

EDR and XDR Administration: Optimize and fine-tune EDR and XDR configuration and policies to detect and respond to advanced

 

Qualifications:

·       Bachelor's degree in Cybersecurity, Information Technology, or a related field. Minimum of 5 years of experience in a SOC environment.

·       Advanced knowledge of Splunk and SPL.

·       Deep understanding of attackers' TTPs.

·       Strong understanding of threat hunting techniques and threat intelligence.

·       Familiarity with malware analysis methodologies.

·       Automation and scripting knowledge.

·       Good communication and collaboration skills.

·       Relevant certifications are a plus.

·       Ability to work with other security tools, including security assessment tools, endpoint protection, EDR, and WAF.

Required skills

  • SOC
  • Splunk
  • SIEM

Minimum work experience

  • Three to six years

Gender

  • Not important

Military service status

  • Not important

Employment type:

Full-time

Job category:

IT / DevOps / Server

Posting date:

1402/12/05 (Solar Hijri; expired)