We are Lenovo. We do what we say. We own what we do. We WOW our customers.
Lenovo is a US$69 billion revenue global technology powerhouse, ranked #196 in the Fortune Global 500, and serving millions of customers every day in 180 markets. Focused on a bold vision to deliver Smarter Technology for All, Lenovo has built on its success as the world’s largest PC company with a full-stack portfolio of AI-enabled, AI-ready, and AI-optimized devices (PCs, workstations, smartphones, tablets), infrastructure (server, storage, edge, high performance computing and software defined infrastructure), software, solutions, and services. Lenovo’s continued investment in world-changing innovation is building a more equitable, trustworthy, and smarter future for everyone, everywhere. Lenovo is listed on the Hong Kong stock exchange under Lenovo Group Limited (HKSE: 992) (ADR: LNVGY).This transformation together with Lenovo’s world-changing innovation is building a more inclusive, trustworthy, and smarter future for everyone, everywhere. To find out more visit www.lenovo.com, and read about the latest news via our StoryHub.Security Operations Centre (SOC) Analyst plays a vital role in Security delivery. As a SOC Analyst Level 2, you will be on the front line of Cyber Defense, detecting responding to Cyber Incidents as they happen. You will work with other team members to provide situational awareness through detection, containment, and remediation of IT threats. This job requires great attention to detail and general awareness of Cyber Security tools like SIEM, XDR, EDR, IDS/ IPS, ability understand various logs – network logs, sys logs, Firewall logs. As a SOC Analyst you are expected to have working knowledge in areas of networking, malware analysis, incident response, vulnerability management.
- Threat vulnerability analysis
- Investigate, document report Information security issues emerging trends
- Analysis response to unknown vulnerabilities
Responsibilities
As a SOC Analyst – Level 2, you will:
- Monitor security logs and alerts from different security monitoring platforms and sources using SIEM and direct information on an advanced level
- Perform Triage on Incidents detected.
- Submit incidents for a follow-up to functional maintenance;
- Track progress on incidents that have been submitted from outside of the SOC
- Resolve Incidents
- Propose and identify automation opportunities resulting from incidents;
- Plan, and implement security processes to detect attacks;
- Analyze security breaches/incidents to determine their root cause;
- Analyze suspicious events/traffic from the different devices and finding patterns.
- Investigating suspicious/suspected machines for any potential infections with latest repository of IOCs.
- Provide recommendations to the Client team, on how to mitigate or avert the occurrence of any suspicious activity within their environment.
- Provide In depth analysis to the user/customer about the phishing cases (i.e. Spam, Phishing, Campaign...etc.)
- Install connectors for specific devices to get the logs to the connector.
- Troubleshoot connector/ logger/ Manager for log retrievals
- Prepare SOC Management Reports.
- Analyzing preparing daily and monthly reports based on the devices which are being monitored
- Creating Reports and Dashboards based on the customer requirement.
- Creating Queries for the Rules requested by client for real time alerts.
- Creating Reports which helps in providing the logs for the alerts, for finding any possible threats.
- Review security events that are populated in a Security Information and Event Management (SIEM) or other SOC Security tools implemented
- Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths.
- Independently follow procedures to contain, analyze, and eradicate malicious activity.
- Updating Knowledge Base (KB) regularly at pre-defined intervals
- Work under supervision of technical lead to accomplish assigned tasks.
- Change Management/ Implementation: Independently implement changes to meet customer infrastructure needs within area of technical responsibility
- Patch and Security Management: Apply patch and security changes per policy."
- Configuration Management: Ensure Configuration Management Database (CMDB) entries are complete and accurate.
- Quality: Provide continual improvement recommendations for direct responsibility area (process improvement, technical standard updates, etc).
- Project Management: Participate in customer and internal projects, including transformation.
- Customer Relationship Management: Set expectations with customers and/or internal businesses/end users within defined parameters.
- Teamwork: Work as part of a team, which may be virtual and/or global. Participate as part of a team and maintains good relationships with team members and customers
Skill
3 - 6 years of relevant experience
Typical Skills Include:
- Sufficient depth and breadth of technical knowledge to be individually responsible for the implementation of a specific deliverable.
- Understanding of technology in direct responsibility (SIEM, XDR, EDR, MDR)
- General understanding of related technologies (Networking, Operating Systems)
- Customer Service
- General Project Management (Intermediate)
- Customer/Vendor Management (Intermediate)
- Business Analysis (Intermediate)
- Has ability to perform/drive resolution of problems on individual products.
- Able to communicate broad and specific concepts with team and to peers.
- Able to produce documentation for use by team and customer.
- Able to perform/drive resolution of problems on combinations and interactions of products
- Strong verbal written communication skills
- Proactive approach to meet exceed goals
Qualification Experience
Bachelor’s Degree in Engineering, Computer Science3 – 6 years of relevant experience in SOC domainUnderstanding of ITIL processSecurity related certifications (Security+, CEH) will be an added advantage
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, religion, sexual orientation, gender identity, national origin, status as a veteran, and basis of disability or any federal, state, or local protected class.
WD00088851 https://lenovo.avature.net/en_US/careers/JobDetail?jobId=70791
Security Operations Centre (SOC) Analyst plays a vital role in Security delivery. As a SOC Analyst Level 2, you will be on the front line of Cyber Defense, detecting responding to Cyber Incidents as they happen. You will work with other team members to provide situational awareness through detection, containment, and remediation of IT threats. This job requires great attention to detail and general awareness of Cyber Security tools like SIEM, XDR, EDR, IDS/ IPS, ability understand various logs – network logs, sys logs, Firewall logs. As a SOC Analyst you are expected to have working knowledge in areas of networking, malware analysis, incident response, vulnerability management.
- Threat vulnerability analysis
- Investigate, document report Information security issues emerging trends
- Analysis response to unknown vulnerabilities
As a SOC Analyst – Level 2, You Will:
- Monitor security logs and alerts from different security monitoring platforms and sources using SIEM and direct information on an advanced level
- Perform Triage on Incidents detected.
- Submit incidents for a follow-up to functional maintenance;
- Track progress on incidents that have been submitted from outside of the SOC
- Resolve Incidents
- Propose and identify automation opportunities resulting from incidents;
- Plan, and implement security processes to detect attacks;
- Analyze security breaches/incidents to determine their root cause;
- Analyze suspicious events/traffic from the different devices and finding patterns.
- Investigating suspicious/suspected machines for any potential infections with latest repository of IOCs.
- Provide recommendations to the Client team, on how to mitigate or avert the occurrence of any suspicious activity within their environment.
- Provide In depth analysis to the user/customer about the phishing cases (i.e. Spam, Phishing, Campaign...etc.)
- Install connectors for specific devices to get the logs to the connector.
- Troubleshoot connector/ logger/ Manager for log retrievals
- Prepare SOC Management Reports.
- Analyzing preparing daily and monthly reports based on the devices which are being monitored
- Creating Reports and Dashboards based on the customer requirement.
- Creating Queries for the Rules requested by client for real time alerts.
- Creating Reports which helps in providing the logs for the alerts, for finding any possible threats.
- Review security events that are populated in a Security Information and Event Management (SIEM) or other SOC Security tools implemented
- Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths.
- Independently follow procedures to contain, analyze, and eradicate malicious activity.
- Updating Knowledge Base (KB) regularly at pre-defined intervals
- Work under supervision of technical lead to accomplish assigned tasks.
- Change Management/ Implementation: Independently implement changes to meet customer infrastructure needs within area of technical responsibility
- Patch and Security Management: Apply patch and security changes per policy."
- Configuration Management: Ensure Configuration Management Database (CMDB) entries are complete and accurate.
- Quality: Provide continual improvement recommendations for direct responsibility area (process improvement, technical standard updates, etc).
- Project Management: Participate in customer and internal projects, including transformation.
- Customer Relationship Management: Set expectations with customers and/or internal businesses/end users within defined parameters.
- Teamwork: Work as part of a team, which may be virtual and/or global. Participate as part of a team and maintains good relationships with team members and customers
Skill
3 - 6 years of relevant experience
Qualification Experience
Bachelor’s Degree in Engineering, Computer Science3 – 6 years of relevant experience in SOC domainUnderstanding of ITIL processSecurity related certifications (Security+, CEH) will be an added advantage
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, religion, sexual orientation, gender identity, national origin, status as a veteran, and basis of disability or any federal, state, or local protected class.
