Job Description & Requirements
The Security SOC Analyst is responsible for monitoring, analysing, and responding to security incidents in real-time within a Security Operations Center (SOC). This role involves ensuring the security and integrity of the organization's systems by identifying threats, mitigating risks, and collaborating with various teams to address vulnerabilities.
Key Responsibilities:
1. Monitoring & Threat Detection
- Continuously monitor and analyze alerts from security tools (e.g., SIEM, IDS/IPS, firewalls) to identify potential threats.
- Investigate and evaluate security incidents, determining severity and potential impact on systems.
- Escalate suspicious activities and unresolved incidents to senior analysts or response teams.
2. Incident Response
- Execute response plans for security incidents, ensuring containment, mitigation, and recovery.
- Collaborate with incident response teams to analyze, investigate, and resolve breaches or data loss events.
- Maintain detailed incident reports and documentation for accurate tracking and compliance purposes.
3. Threat Intelligence
- Leverage threat intelligence sources to identify emerging attack tactics, vulnerabilities, and trends.
- Correlate threat data across multiple systems to proactively detect potential intrusions or risks.
4. Log Analysis
- Conduct thorough analysis of security logs, network traffic, and system behaviors to detect anomalies.
- Ensure compliance with security policies and regulatory standards through effective log management.
5. Reporting & Communication
- Prepare comprehensive incident reports, detailing findings, remediation efforts, and recommendations.
- Regularly update internal stakeholders on security incidents, vulnerabilities, and ongoing risks.
6. Security Tools & Technology
- Operate and manage security infrastructure, including SIEM platforms, IDS/IPS, firewalls, antivirus, and endpoint tools.
- Stay abreast of advancements in cybersecurity technologies and recommend updates to improve SOC effectiveness.
7. Collaboration
- Work with cross-functional teams (network engineers, administrators) to strengthen security postures.
- Participate in vulnerability assessments and penetration tests, addressing identified risks proactively.
Qualifications & Requirements:
- Bachelor’s degree in Cybersecurity, IT, Computer Science, or equivalent experience.
- 1-3 years in a Security Operations Center (SOC) or similar role.
- Proficiency with SIEM tools (e.g., Splunk, QRadar, SolarWinds SIEM) and security monitoring platforms.
- Hands-on experience with incident response and investigation of threats (e.g., malware, phishing, intrusions).
- Strong knowledge of networking concepts, TCP/IP, and common protocols.
Certifications (Preferred but not required)
- Security+ (CompTIA)
- Certified SOC Analyst (CSA)
- Certified Ethical Hacker (CEH)
Technical Skills
- Deep understanding of cybersecurity principles, incident response, and forensic analysis.
- Familiarity with malware analysis techniques and vulnerability management.
- Strong analytical skills and ability to prioritize in high-pressure situations.
Soft Skills
- Effective communication for clear reporting and team interaction.
- Ability to collaborate with internal and external partners.
Shortlisted candidate would be notified.
