Global SOC SME

• The Global security operation centre (GSOC) Plays a critical role in monitoring and responding to security incident on a global scale
• (GSOC) integrate intelligence and analytics with technology to monitor security and improve incident response
• Delivering comprehensive solutions that combine your software applications and operational management systems, Global security console solutions are designed to maximize employee performance as you forecast events, analyze business impacts, and improve decision-making

Qualifications

• Graduation/Post graduation in, Computers, Information Systems, Computer Science, or Information technology systems
• 10+ years of work experience in cyber security /Information security project, with security posture assessment
• Experience of building, setting up or designing SOC architecture
• At least one technical certification required (Security+ Network+ CEH, CISM)
• Should have at least one cyber security certification (CASP, CYSA+, GCIA, GMON GCIH) or any similar certifications
• Understanding of technology-related issues and how they might impact business;
• Awareness of appropriate local laws and regulations dealing with technology;
• Ability to communicate effectively, both orally and in writing.
• Strong analytic skills and business judgment with ability to independently assess and resolve complex program/project issues

Skills Required

• Able to Provide proactive, coordinated risk monitoring while maintaining the ability to respond and mitigate the impact of threats.
• Required experience including but not limited to SIEM and EDR capabilities.
• Experience in working under pressure in a fast-paced environment.
• Strong collaboration and communications skills required to address and resolve issues in a matrixed environment.
• Capability to develop professional documents in the form of reports, analysis, documentations (in English)
• Strong attention to detail, analytical mind, and outstanding problem-solving skills
• Fully professional proficiency in English
• Good experience and exposure for advanced incident analysis

Roles Responsibilities

• A Better understanding of threats, lateral movement, cryptography, phishing, Ransomware, spyware, brute force attack, trojan and IP reputation.
• Incident response and forensic analysis also include CIA framework.
• Security Incident handling and analysing events and row logs for possible incident and finding the RCA for the same
• Ability to perform the root cause investigation, to determine the technical vulnerabilities that gave hackers access to the system, as well as other factors (such as bad password hygiene or poor enforcement of policies) that contributed to the incident.
• Understanding and analysing security events generated from the Security tools and devices.
• Familiar with attack tactics, tools and technique (MITRE ATTCK and Lockheed-Martine cyber kill chain framework.
• Understanding of detection and response activities associated with user credentials and OS-Level
• Ability to accurately and efficiently monitor, detect, analyse and triage security events.
• Experience with SOC ticketing system and SOC processes.
• Understanding of analysing network traffic commensurate with CompTIA network+
• Knowledge of cyber incident response processes common containment and remediation strategies
• Malware Analysts or Reverse Engineers offer support in responding to sophisticated threats by reverse engineering malware to help inform incident investigations, provide threat intelligence to the SOC, and improve future detection and response efforts.
• Vulnerability Managers continually identify, assess, report on, manage and remediate vulnerabilities across endpoints, workloads and systems.
• Able to perform open-source research on the events of interest vulnerability and malicious indicator
• Shutting down compromised endpoints or disconnecting them from the network
• Isolating compromised areas of the network or rerouting network traffic
• Pausing or stopping compromised applications or processes
• Deleting damaged or infected files
• Running antivirus or anti-malware software
• Decommissioning passwords for internal and external users.
• Function as a business partner, supporting the same mission and objectives it is charged with protecting.
• Provide real-time situational awareness: identifying and helping staff manage emerging threats with actionable insights and clear communication during critical events.
• Create informed, prepared, and empowered staff, allowing them to act confidently and decisively in times of peril