Incident Response Analyst

Junior Incident Responder / Junior SOC Analyst

Role

About the Role

As a Junior Incident Responder, you will play a vital role in the Cyber Security Operations Center (SOC) by assisting in the detection, analysis, and response to security incidents. You will work closely with senior incident responders to ensure the security and integrity of the organization's information systems.

Key Responsibilities and Accountabilities (KRA)

• Incident Detection and Analysis

  : Monitor security alerts and events, validate and analyse potential security incidents.

• Incident Response Support

  : Assist in the containment, eradication, and recovery of security incidents.

• Threat Analysis

  : Support threat hunting activities.

• Documentation

  : Maintain detailed records of incidents, actions taken, and outcomes.

• Collaboration

  : Work with other team members and external vendors to manage and resolve incidents.

• Reporting

  : Prepare and present incident reports and summaries to senior management.

• Monitoring and Analysis

  : Continuously monitor security alerts from various sources and perform initial analysis to identify potential security incidents.

• Incident Handling

  : Assist in the response to security incidents, including containment, eradication, and recovery efforts.

• Threat Intelligence

  : Support the collection and analysis of threat intelligence to improve incident response processes.

• Documentation and Reporting

  : Document all incidents and actions taken and prepare detailed reports for senior management.

• Collaboration and Communication

  : Coordinate with other SOC team members, external vendors, and stakeholders to ensure effective incident management.

Qualifications

• Education

  : Graduate in any discipline (preferably in IT/Computer Science).

• Experience

  : 2-3 years of relevant experience in a Security Operations Center (SOC) or similar environment.

• Certifications

  : IT Security-related certifications such as CEH, CompTIA Security+, or other industry-relevant certifications.

• Technical Skills

  : Understanding of applications, systems, networks, cloud, and infrastructure architecture; knowledge of logging mechanisms for Windows, Linux, and MAC OS platforms.

Specialized Skills

• SIEM Tools

  : Experience with SIEM tools like Arcsight, Qradar, Splunk, etc.

• Incident Response

  : Basic knowledge of incident response processes and techniques.

• Communication

  : Excellent communication skills, both written and verbal.

• Organizational Skills

  : Ability to stay organized and manage multiple tasks in a high-pressure environment.

• Security Mindset

  : Strong security mindset with the ability to question the status quo and navigate through roadblocks.

• Self-Motivation

  : Ability to work under own initiative and thrive in a dynamic environment.

• Professionalism

  : Strong work ethics and professionalism.

• Diplomacy

  : Ability to interact successfully with all levels of the business.