SOC Specialist L3

Australia

Black Box

Black Box is the leading provider of copper cabling, patch cabling, and bulk cable for your business communications system. Contact us today.

Job Description:

  • Conduct in-depth, real-time analysis of security alerts and incidents, correlating multiple data sources to identify potential threats and vulnerabilities. 
  • Employ advanced threat-hunting techniques, leveraging behavioral analytics and machine learning to uncover hidden threats proactively. 
  • Lead incident response activities, coordinating with cross-functional teams to contain, eradicate, and recover from cyber incidents. 
  • Monitor security systems and tools for potential threats and anomalies. 
  • Analyze security alerts and incidents to determine their nature and impact. 
  • Collaborate with other security teams and departments to address security issues. 
  • Create and refine security content, such as use cases and playbooks. 
  • Generate reports from SIEM tools for analysis and reporting. 
  • Analyze SIEM or SOAR data for prioritization and escalation. 
  • Stay abreast of emerging security threats and technologies, providing recommendations for enhancing the SOC's capabilities. 
  • Mentor and develop junior SOC analysts, fostering a culture of continuous learning and improvement. 
  • Contribute to developing and refining security policies, procedures, and standards. 

Requirements:

  • 5-7 years of relevant experience. 
  • Operational 'eyes on glass' real-time monitoring and analysis of security events from multiple sources, including but not limited to SIEM monitoring tools, network- and host-based intrusion detection systems, firewall logs, and system logs (Unix and Windows). 
  • Incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation. 
  • Responding to security incidents (malware infections, unauthorized access, malicious emails, DDoS attacks) and escalating to the management team as needed. 
  • General knowledge of the capabilities and/or configuration of cybersecurity controls, specifically firewalls, access control, authentication, anti-virus/anti-malware, patching, and logging. 
  • Evaluating the type, nature, and severity of security events with a range of security event analysis tools. 
  • Working day-to-day with the client's senior enterprise security staff and the Computer Security Incident Response Team; demonstrated ability to make sound decisions based on good security practices and principles. 
  • Ability to take ownership of tasks and see them through to completion. 
  • Willingness to learn, absorb, and correlate technical information, and then interpret and simplify it. 

Tags: Analytics DDoS Firewalls Incident response Intrusion detection Machine Learning Malware Monitoring SIEM SOAR SOC UNIX Vulnerabilities Windows

Perks/benefits: Team events

Region: Asia/Pacific
Country: Australia
