Soc Level 2 Threat Triage

SOC PersonnelResponsibilities and SkillsLevel 2 Threat TriageActs on the Incident Escalations generated by the Level 1 analyst team. Responsibilities include: Gather Additional Details and Identify Impact. Review causal factors (from RP Workshop) Collect data needed to determine causal factor Identify the root cause Enrich the incident with contextual info Perform analysis with understanding of OT Systems Assess impact on assets Check if additional tuning is required Adjust Security Priority, if necessary, update incident categories, severity and disposition Assign Ticket to T3 Response, in case of escalation 3-5 years of experience in SOC monitoring (L1 + 2 years) GIAC GCIH CEHLevel 3 Threat Response Support Accept escalations from the Threat Triage Team Execute incident handling program Co-ordinate with IT, security operations and other teams for remediation and trigger forensics process as appropriate Perform Root cause analysis (RCA) for the incidents and update the knowledge base. Coordination with BANK DKI SOC leadership for communication with Business, Legal, HR, Communications, BCP etc. Provide overall governance to the SOC team Handle the situation during the security breach 6-8 years of experience in SOC monitoring CISSP, CEHSOC ManagerResponsibilities include: Provides first line management to direct report staff Maintains employee performance tracking Develops and maintains personnel training plans Monitors workload and priority levels Monitors and manages ticket and call queues Prioritizes/aligns shift resources to make sure that the most urgent and important issues are handled first Develops and trains staff on new procedures as necessary Provides proper documentation of internal and external exceptions Ensures that customer and internal issues are properly resolved or escalated 8-12 years of experience with 3+ years f SOC manager experience