Job Description

Responsibilities

• Monitor and analyze security events and alerts from various sources (e.g., EDR, network security tools, SIEM) to identify potential security incidents.
• Investigate and respond to security incidents according to established SOC procedures, including escalation to senior analysts when needed.
• Leverage EDR tools (e.g., Crowdstrike Falcon, Palo Alto Cortex XDR) to investigate suspicious activity on endpoints.
• Configure and maintain NXLog for efficient log collection and analysis within the SOC workflow.
• Participate in security architecture reviews and provide recommendations for improvement based on SOC findings.
• Stay up-to-date on the latest cybersecurity threats and vulnerabilities.
• Document security incidents, findings, and remediation steps.
• Collaborate with the security team and other IT teams to ensure effective security practices.

• Security+ or equivalent certification.
• CISSP or SANS certifications related to EDR and security architecture (preferred).
• Scripting skills (Python, PowerShell).
• Minimum of 2-3 years of experience as a Cybersecurity Analyst, preferably within a SOC environment.
• Strong understanding of cybersecurity concepts, principles, and SOC operations.
• Experience working with EDR tools (e.g., Crowdstrike Falcon, Palo Alto Cortex XDR).
• Proficient in log management tools (e.g., NXLog, Splunk, ELK Stack).
• Experience in security architecture design and review is a strong plus.
• Excellent analytical and problem-solving skills.
• Strong communication and collaboration skills.
• Ability to work independently and as part of a team in a fast-paced environment.

Jobline Resources