Security Operations Center (SOC) Analyst

Functional Overview:

The Security Operations Analyst is responsible for monitoring, reporting, and analyzing the organization’s global security posture. They must be able to analyze all available information, including logs, network traffic, and other data generated by the security systems in place, to identify actual anomalies, security breaches, and other incidents, distinguishing between false positives and genuine threats.

Duties and responsibilities:

• Continuously monitors the alert queue and analyzes available logs and context necessary to initiate incident response work.
• Coordinate triage with local stakeholders on security alerts
• Analyzes and determines actionable items based on all available logs, packet captures, and other relevant data, accurately distinguishing between actionable and non-actionable information and weeding out false positives and irrelevant data.
• Handle security offense tickets and ensure compliance with the Service Level Agreement (SLA) by communicating, escalating, and following up with the internal team and stakeholders, providing timely updates until resolution.
• Conduct vulnerability assessments and resolve security issues identified through evaluations and other sources.
• Support numerous security project implementations from a technical perspective.
• Evangelize security within the company and serve as an advocate for maintaining trust with partners and customers.
• Staying up to date with emerging security threats, including applicable regulatory security requirements.
• Other responsibilities and additional duties as assigned by the security management team

Minimum competencies:

• Minimum 5 years of experience working within information security.
• Working experience in creating SOC playbooks and threat hunting.
• Experience with

  Microsoft Azure Sentinel

  and

  Microsoft 365 Defender

  is required.
• Strong understanding of phishing detection and response.
• Knowledgeable in Windows/Unix or any penetration testing tools.
• Strong written communication skills and presentation skills.
• Strong understanding of security incident management, malware management, and vulnerability management processes.
• Knowledge of network protocols, firewalls, and IDS/IPS systems.
• Cloud Security & Firewalls: Microsoft Azure (Azure Firewall, Defender for Cloud), Palo Alto
• SIEM & SOAR Tools:

  Microsoft Azure Sentinel,

  M365 Defender
• Network and Security Certification is a huge plus (CCNA, CCNP, CompTIA (Network+ce, Security+ce, CySa+ce)