Note: Strictly no candidates on a 90-day notice period.
We will only accept candidates on a 30 to 60 day notice period or currently serving notice.
Primary Skills
- Monitor alerts using SIEM, Next Gen SIEM tools (Sentinel, XSIAM)
- Basic log analysis (firewalls, endpoints, OS)
- Identify threats (malware, phishing) and triage incidents
- Understand networking and cybersecurity fundamentals
Secondary Skills
- Ticketing and documentation
- Threat intelligence awareness
- Clearly report findings and carefully review alerts and logs to spot potential threats
Required experience:
- Entry-level experience in SOC analysis and operations.
- Entry-level experience using a SIEM for investigations.
- Entry-level experience with security technologies such as (but not limited to) firewalls, IPS, IDS and proxies.
- Entry-level experience providing technical support to clients.
- Entry-level experience handling security incidents end to end.
- Entry-level experience configuring and managing security controls such as SIEM, firewalls, IDS/IPS, EDR, NDR, UTM, proxies, SOAR, honeypots and other security tools.
- Entry-level experience in security analysis or engineering, preferably gained within a global services organization.
Key Responsibilities:
- Works as part of a global Cyber Defense Centre (CDC) team that operates 24/7 on rotational shifts.
- Works with client stakeholders and relevant internal teams to tune the MSSP platform and client SIEM to enable more efficient detection, analysis and reporting.
- Under guidance, generates continuous improvement ideas for supported security tools/technologies, to enable improvements to the company services, employee experience and client experience.
- Adheres to SOPs, customer Run Books and standard processes to ensure a globally consistent delivery whilst also proposing changes and improvements to these standards.
- Utilizes and documents best practices and amends existing documentation as required.
- Supports security incident handling and response across several vectors, including endpoint protection and enterprise detection and response tools, attack analysis, malware analysis, network forensics and computer forensics.
- Learns and utilizes a broad range of skills in LAN technologies, Windows and Linux operating systems, and general security infrastructure.
- Ensures usage of knowledge articles in incident diagnosis and resolution.
- Under guidance, performs defined tasks to inform and monitor service delivery against service level agreements and maintains records of relevant information.
- Cooperates closely with colleagues to share knowledge and build a cohesive and effective team environment, benefiting the individual, the business and the client.
- Performs any other related task as required.
Knowledge and Attributes:
- Knowledge of the implementation and monitoring of a company-supported SIEM or other security tools, technologies and concepts.
- Knowledge of security architecture, having worked across different security technologies.
- Knowledge and understanding of the operation of modern computer systems and networks and how they can be compromised.
- Displays excellent customer service orientation and pro-active thinking.
- Displays problem solving abilities and is highly driven and self-organized.
- Good attention to detail.
- Displays analytical and logical thinking.
- Good spoken and written communication abilities.
- Ability to remain calm in pressurized situations.
- Ability to keep current on emerging trends and new technologies in their area of specialization.
Academic Qualifications and Certifications:
- Bachelor's degree or relevant qualification in Information Technology or Computing or a related field.
- Security certifications such as (but not limited to) AZ-500, SC-200, Security+, CEH, CISSP or CISM, or similar certification in networking technologies such as CCNA, JNCIA, ACCA, PCNSA or CCSA, is advantageous.