SecOps Analyst
About The Position
As SecOps Analyst, you will be responsible for SecOps incident response (IR): notifying relevant teams, communicating with stakeholders, taking remediation and recovery actions, and reporting.
SecOps Analyst responsibilities also include risk assessment, vulnerability management, staying up to date with cyber threats and technologies, threat intelligence, security breaches, and proactively hunting for security threats.
You will act as the company's focal point for security incidents and will be responsible for raising security awareness across the company.
You will create security tools and implement security solutions in the production environment to deal with security risks and threats, and remediate those risks as quickly as possible. You are expected to have knowledge of incident response, data analysis, networking, digital forensics, common attack vectors, and common security tools.
Responsibilities:
Manage IR and threat hunting
Implement security solutions and create security tools
Create sophisticated detections for identifying and responding to security threats
Prioritize alerts and issues and perform triage to confirm whether a real security incident has taken place
Perform root cause and incident response analysis to uncover attack vectors involving malware, data exposure, phishing, and social engineering methods
Support and develop reports during and after incidents, including all actions taken to mitigate, recover, and return operations to normal
Perform endpoint, network, and log analysis
Requirements
2+ years of relevant work experience in the information security industry
Experience working in a SOC for at least 2-3 years, including advanced event analysis leveraging SIEM tools - advantage
Experience working with SIEM tools - must
Good understanding of security risks and attack vectors
Experience with EDR, malware analysis, web application security, network analysis
Understanding of threat and vulnerability management (TVM), threat intelligence (TI), threat hunting (TH), indicators of compromise (IOCs), and OSINT
Familiarity with OWASP Top 10 and MITRE ATT&CK; knowledge of adversary tactics, techniques, and procedures (TTPs)
Experience identifying and developing responses to new threats and attack patterns
Good understanding of system log information, and knowledge of how to collect the specific data and attributes needed for each incident (host, network, cloud, etc.)
Moderate knowledge and experience with cloud environments (AWS, Azure)
Advanced knowledge of TCP/IP protocols; experience configuring and implementing various technical security solutions
Good understanding of and experience with Mac and Linux operating systems
Thinking outside the box, experience working in a team
Self-learner who turns complex problems into solutions - advantage
Willing to work in shifts (24x7) - MUST