Back
SOC Analyst Level 1 and 2
The Incident Detection role helps security operations by responding to escalated alerts and monitoring alerts. This position conducts in-depth analysis of security events with the specific ability to identify Indicators of Compromise, perform intrusion scope and root cause analyses and implement triaging protocols to mitigate potential damage to our cyber ecosystem.
KEY RESPONSIBILITIES
- Conducts Event Detection, Incident Triage, Incident. Handling, Hunting activities by leveraging our detection/response platforms
- Continuously monitors levels of service as well as interpret and prioritize threats through use of cyber threat intelligence, intrusion detection systems, firewalls and other boundary protection devices, and any security incident management products deployed
- Provide 24x7 incident detection and monitoring service, and performance report on regular basis
- Escalates cyber security events according to playbook and standard operation procedures (SOPs).
- Remediate non-compliance with technical and security requirements.
- Escalates high or critical severity level incidents to Incident Investigators.
- Assists with containment of threats and remediation of environment during or after an incident
- Performs triage of service requests from customers and internal teams
- Develop and implement remediation plans in response to incidents
- Updates procedures and configure tools for Monitoring Analysts consumption
- Consumes threat intelligence and disseminate findings to relevant parties
- Conducts hunting activities based on internal and external threat intelligence
- Integration of additional supported log source/device and development of new use cases as required
Skills
- SPLUNK, INCIDENT HANDLING, SIEM, INCIDENT RESPONSE, SOC, MALWARE DETECTION
USA
4 + Years
Full-Time
