3 Soc L2 Jobs

As the Anti-Phishing Specialist, you will be leading the organization's efforts to detect, prevent, and respond to phishing attacks and other email-based threats. Your role is crucial in developing strong anti-phishing strategies, managing email security technologies, responding to incidents, and educating users to enhance organizational resilience against cyber threats. Your key responsibilities will include identifying and facilitating takedown of phishing websites and rogue applications, proactively addressing a broad spectrum of cyber threats such as DDoS, ransomware, BEC, spear phishing, whaling, vishing, and other social engineering attacks. You will also be responsible for monitoring and analyzing inbound emails to detect malicious content, recommending rule adjustments to reduce email-borne threats, designing, implementing, and maintaining anti-phishing strategies, policies, and procedures, managing and optimizing anti-phishing tools and platforms like DMARC, DKIM, SPF, and secure email gateways, developing advanced detection rules and filters to counter evolving phishing tactics, leading phishing-related incident response efforts including containment, eradication, recovery, and post-incident review, delivering regular employee training and awareness programs on phishing prevention, collaborating with security teams to provide guidance on email security best practices, evaluating emerging anti-phishing technologies, recommending improvements, staying abreast of current phishing trends, attack methods, and mitigation techniques, and producing detailed reports on phishing incidents, metrics, and defensive performance. To qualify for this role, you should have a Bachelor's degree in Computer Science, Information Security, or a related field, along with 5+ years of hands-on experience in anti-phishing, email security, or a similar domain. You should possess strong expertise in email protocols (SMTP, etc.) and security standards (DMARC, DKIM, SPF), proven experience with enterprise email security solutions like Proofpoint, Mimecast, Ironscales, a deep understanding of phishing tactics, social engineering, and email-based threat vectors, strong analytical, problem-solving, and communication skills, demonstrated leadership in mentoring or guiding security teams, and preferred certifications such as CISSP, Certified Email Security Manager (CESM), or equivalent. Your skills should include SOC L2, Cyber Security, and Phishing.,

Role & responsibilities Daily review of security alerts/logs with follow-up on any suspicious activity Perform investigation of network and hosts/endpoints for malicious activity, to include analysis of packet captures, and assist in efforts to detect, confirm, contain, remediate, and recover from attacks. Proactively monitor, identify and analyze complex internal and external threats, including viruses, targeted attacks and unauthorized access, and mitigate risk to IT systems Work in concert with team members, Information Security engineering, and relevant Subject Matter Experts to process, analyze and drive the remediation of identified IT related vulnerabilities Responsible to follow the IT Security Incident Response policies and tools Contribute to Information Security policies, standards, and supporting documentation Root cause analysis, troubleshoot complex issues with existing security and privacy protection protocols Responding to inbound security monitoring alerts, emails, and inquiries from the organization. Providing support for Incident Response, including evidence collection, documentation, communications, and reporting Maintaining and improving standard operating procedures and processes

Job Description- Cyber Defense Analyst We are looking for the next superstar Cyber Security Analyst to join our managed services team. Youll be part of a team responsible for the delivery of 24x7 security monitoring and analysis, with a primary focus on incident response and threat hunting. This is a customer-facing role and top-notch communication skills are absolutely essential. The Role Monitor, triage and respond to reported security incidents. Proactively hunt and manage unreported (aka. silent) phishing attacks (Intrusion Detection) Gather information, run correlation analysis and forensics to inform risk assessment Actively and timely communicate information about incidents or potential incidents to the wider team as per escalation policies Write post-incident reports Where required, develop security frameworks, contribute to run books, and lead the implementation of new security tools Work across multiple domains and technology stacks to identify vulnerabilities Ideal Personality Passion for cybersecurity Perseverance and tenacity Strong willingness to learn Logical problem-solver with a strongly analytical bent of mind Detail-oriented Ability to maintain a cool head and take decisive action in time-critical situations Natural team player. Good at building and maintaining relationships across the team, as well as getting others on board Understands the importance of proactive and clear communication in a large, busy environment Skills Very strong communication skills, report-writing and verbal communication. You must be excellent at explaining what's happening to other people in a clear and timely manner. Ability to identify, classify and breakdown the taxonomy of various types of phishing attacks. Good understanding of networks, applications, databases, systems, Active Directory, Cloud platforms and how they work together. PowerShell or Python scripting knowledge. Demonstrable expertise in any 4 of the following: Incident Management & Response, Threat Hunting with EDR & SIEM, IPS/IDS, Endpoint Monitoring & Detection, and Forensics Good understanding of Information Security Standards and Frameworks like NIST, GDPR, ISO27001, CIS Benchmarks Knowledge of information security tools and techniques and current industry best practices Qualifications & Experience: 2-3 years of real-world experience dealing with wide-ranging Incident Response with a strong understanding of phishing incidents and their mitigation steps. 2-3 years of real-world experience working with SEGs or general email systems 2-3 years of real-work experience working with the SIEM solutions. 2-3 years of real-world experience working with EDR solutions. 2-3 years of experience with Threat Assessment and Mitigation methods, Vulnerability Analysis, risk mitigation, information gathering and reporting 2-3 years of experience working in enterprise security operations Security qualifications i.e. a relevant security-related certification or degree