Analyst - SOC Monitoring CPX

Overview

To monitor, detect, analyze, and respond to security incidents and threats in an organization’s information systems and network infrastructure. You aim to protect sensitive data, uphold network security, and maintain organizational compliance with industry regulations and standards. By utilizing cutting-edge security tools, techniques, and procedures, the SOC analyst plays a critical role in preventing, mitigating, and resolving cyber threats, ensuring the overall security of the organization’s digital environment.

Responsibilities

• Examine network topologies to understand data flow through the network.
• Use SOC tools to monitor and analyze system activity to identify malicious activity continually.
• Identify network mapping and operating system fingerprinting activities.
• Continuously monitor the SIEM events/alerts to identify any anomalies.
• Perform event correlation using information from various sources within the organization to gain situational awareness and determine the effectiveness of observed attacks.
• Detect Incidents by monitoring the SIEM console, Rules, Reports, and Dashboards.
• Provide timely detection, identification, and alerts of possible attacks/intrusions, anomalous activities, and misuse activities, distinguishing these incidents and events from benign ones.
• Report the confirmed incident as per the Incident management process.
• Notify the Senior SOC Analyst on suspected/anomaly events for further analysis.
• Document and escalate incidents (including the event’s history, status, and potential impact for further action) that may cause an ongoing and immediate impact on the environment.
• Monitor the health of the SIEM tool and report any issues/incidents/malfunctions to the SOC SIEM administrator.
• Assist Senior SOC Analysts and security specialists in incident investigation and workflow.
• Assist the Senior SOC Analyst and internal team in incident detection and resolution.
• Communicate and provide necessary information to external teams for timely incident resolution.
• High-level understanding of TCP/IP protocol and OSI Seven Layer Model.
• Knowledge of security best practices and concepts.
• Knowledge of Windows and/or Unix-based systems/architectures and related security.
• Intermediate level of knowledge of LAN/WAN technologies.
• Must have a solid understanding of information technology and information security.
• Good understanding of defense-in-depth analysis techniques.
• Knowledge of log monitoring, analysis, and correlations.
• Knowledge of Incident detection, reporting, and responding.
• Understanding of security threats and vulnerabilities.
• Ability to use SIEM console to create/analyze Rules, Reports, and Dashboards.
• Sound knowledge of the functioning of IPS.
  
  

Qualifications

EC-Council Certified Ethical Hacker (CEH)

CompTIA Security+

Minimum of 4+ years’ relevant experience or working in a large-scale ICT environment focusing on Information/Cyber Security.

Bachelor’s degree in engineering, computer science, information systems, or any other quantitative field.

---