Key Responsibilities:
- Investigating cyber security incidents and threats;
- Improving the detection, containment, and resolution of incidents;
- Analyzing data from multiple tools and data sources;
- Creating reports and visualizations of security attacks;
- Reducing the rate of false-positive alerts;
- Maintaining the detection-rule database.
Requirements:
- 1-3 years of hands-on Incident Response experience;
- Strong knowledge of NGFW, SIEM, SOAR, antivirus, EDR/XDR, and WAF solutions;
- Strong knowledge and understanding of network protocols and devices;
- Security monitoring experience with one or more SIEM technologies (Splunk, IBM QRadar, etc.);
- An understanding of the MITRE ATT&CK framework and the Cyber Kill Chain methodology;
- Experience with investigating common types of attacks, network packet analysis, log analysis, and reviewing security events;
- Experience developing response workflows for security events;
- Ability to think like an adversary.
Interested candidates can send their CVs with “L 2 SOC Analyst” in the subject line.