The SOC/CSIRT Analysts (Tier I) will be members of the Security Operations Centre and will actively monitor security threats and risks, provide in-depth incident analysis, evaluate security incidents and provide proactive threat research. The SOC/CSIRT Analyst will utilize the latest in security technology and be at the forefront of incident response.
- Understanding and implementing proper Incident Handling procedures.
- Basic understanding of information security policies and doctrine, and the ability to draft, modify and create SOPs for use by other team members.
- Recognizing vulnerabilities and publicly known attack traffic patterns.
- Evaluating and determining if/when information security violations have occurred.
- The ability to demonstrate in-depth knowledge of security threats.
- The ability to demonstrate expertise in correlation analysis, along with an understanding of monitoring programs, such as Splunk and ArcSight.
- Maintaining and developing an understanding of malware and forensic analysis.
- Coordinating response efforts with various departments within the organization in a cooperative and beneficial manner.
- Maintaining situational awareness reports for advanced threats such as Advanced Persistent Threat (APT) and Focused Operations (FO) incidents.
Required Skills, Experience, and Qualifications:
- 1-3 years of experience in SOC or equivalent Cyber Security environments.
- Knowledge of information security controls such as firewalls, IDS/IPS, WAF, proxies and routers is a must.
- Understanding of common network services (web, mail, FTP, etc.), network vulnerabilities, and network attack patterns is a must.
- A strong passion for Information Security and the will to learn new things.
- At least one (1) certification in the field of information technology from a respectable security organization is a plus.
- Candidate must be willing to work in shifts of 9 hours (one shift per day), either morning shift or night shift, 5 days a week (Mon – Fri).
- Candidate must be able to travel by car when no public transportation is available.
- Fluent verbal and written English.