Senior Level - SOC Detection Analyst

Key Responsibilities

• Advanced Security Event Analysis & Triage

  :
• Perform in-depth analysis and triage of escalated security events from tools such as

  SIEM

  ,

  IDS/IPS

  , and

  EDR

  .
• Correlate data from various sources to validate security incidents and provide actionable intelligence.
• Determine the scope and impact of incidents and document findings clearly for incident response teams.

• Detection Rule Development & Optimization

  :
• Develop and fine-tune

  detection rules

  , alerts, and dashboards within the

  SIEM

  platform to improve detection capabilities.
• Analyze and optimize existing detection logic based on trends, intelligence, and best practices to reduce false positives.
• Stay updated on emerging threats and attack techniques to proactively develop new detection strategies.

• Threat Intelligence Integration

  :
• Leverage

  threat intelligence feeds

  to enrich security event analysis and correlate with internal data to identify

  indicators of compromise (IOCs)

  .
• Contribute to the development of

  threat profiles

  and

  attack scenarios

  tailored to the organization's specific needs.

• Incident Escalation & Collaboration

  :
• Serve as a point of escalation for complex or high-severity events.
• Collaborate with

  incident responders

  ,

  threat hunters

  , and other teams to provide critical analysis during incident handling.
• Provide mentorship and technical guidance to junior analysts during the triage and analysis stages.

• Security Tooling & Technology Expertise

  :
• Maintain expertise in the organization's security tools and infrastructure to ensure optimized functionality.
• Troubleshoot and address issues related to

  security monitoring tools

  and contribute to their optimization.
• Evaluate and recommend new security technologies or enhancements for improved detection and response capabilities.

• Development of Knowledge and Procedures

  :
• Contribute to developing and maintaining SOC

  knowledge base

  articles,

  standard operating procedures (SOPs)

  , and

  playbooks

  .
• Share insights, knowledge, and best practices through mentorship and training of other

  SOC analysts

  .

• Proactive Threat Hunting Support

  :
• Collaborate with

  threat hunters

  to provide insights from analysis, identifying focus areas for proactive investigations.
• Assist in the execution of

  threat hunting methodologies

  based on real-time security data and analysis findings.

• Reporting & Metrics

  :
• Contribute to the development of key

  performance indicators (KPIs)

  for detection effectiveness.
• Prepare and present reports on detection trends, alert volumes, and findings to stakeholders and leadership.

Mandatory Skills

• SIEM

  (Security Information and Event Management) expertise.
• Hands-on experience with

  IDS/IPS

  ,

  EDR

  , and other security tools.
• Ability to develop and optimize

  detection rules

  and

  alerts

  in SIEM platforms.
• Strong knowledge of

  threat intelligence integration

  and

  IOCs

  .
• Experience in

  incident response

  and

  escalation management

  .

• Advanced analytical and troubleshooting

  skills to identify and assess security events.

Desired Skills

• Familiarity with emerging

  cybersecurity trends

  and attack techniques.
• Experience with

  security automation

  tools or methodologies.
• Ability to collaborate across teams and provide mentorship to junior analysts.
• Expertise in

  reporting

  and creating

  metrics

  for security operations.