Soc Analyst

Description

New Cognito is part of Mitrelli Group. Established in 2000, and with more than 20 years of experience in the deployment of technology solutions, New Cognito is on a mission to enable digital transformation by delivering projects at the national and organizational level. We bring financing, plan, design, implement and maintain integrated, leading-edge ICT Infrastructure, IT Solutions and Cybersecurity offerings that help our clients build a better future for their citizens.

About the role:

We are seeking an Intern to join our team for 6 months. Here you´ll work within the security operations center to provide cyber security monitoring. The role is responsible for daily monitoring, analysis and execution of corrective actions to security related events for a wide range of public and private sector clients.

Responsibilities:

• 24/7 vigilance against threats happening in customer environment. You will be working in Leading edge Security Operations Centre and experiencing day to day cyber security anomalies, investigations, and incidents.
• You will experience real world cyber security threat alerts and will monitor for these security threat alerts, analyse them and notify customer within SLA.
• Track health of monitoring infrastructure – You will be trained on how to work on SOC operations, routine maintenance, etc.
• Adhere to SLA and timely notification to customer so that clients can defend against threats.
• Investigation as per IA & R run books. Detailed/thorough investigation write-up about the security threat risks/alerts, including investigation details, impact and recommendations.

Requirements

• Bachelor's Degree in Information Technologies, Cyber Security, or a related field.
• 0 to 2 years experience working in security operations environment OR 2 years’ experience in IT operations (datacentre support or NOC environment or Endpoint support) OR should have cyber security related subjects in school.
• Good analytical and technical skills in computer network defence operations.
• Incident Handling (Detection, Analysis, Triage).
• Hunting (anomalous pattern detection and content management).
• Prior experience of investigating security events.
• Should be able to distinguish incidents as opposed to non-incidents.
• Working knowledge of operating systems; network technologies (firewall, proxy, DNS, Netflow); Active Directory.
• Network communications and routing protocols (e.g., TCP, UDP, ICMP, BGP, MPLS, etc.)
• Common internet applications and standards (e.g., SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.).
• MUST have intermediate level of English (Spoken and Written).

Nice to Have:

• Certifications: CEH, Security+, or related certification.
• Experience with some/all: Firewall, Web Proxy, EDR solution, AV, and solutions like Cisco AMP, Sumo Logic, CounterTack, SIEM solutions, Kibana/Zeppelin, ThreatQ, FireEye Malware analysis, Snort, Suricata

Work Schedule: Rotational Shifts 24x7 [these shifts can be morning, evening or night].