Responsible for working in a 24×7 IT Security Operations Centre (SOC) environment.
Identifying, quantifying and tracking cyber security incidents
Triage and management of information security events including, where necessary, participation in security incident management
Respond to inbound Change Requests (CRs), Service Requests (SRs), Queries for handling Incident Management
Provide Incident Response (IR) support when analysis confirms actionable incident
Security administration and auditing of privileged systems access
Provide threat and vulnerability analysis as well as security advisory services
Analyze and respond to previously undisclosed software and hardware vulnerabilities
Investigate, document, and report on information security issues and emerging trends
Integrate and share information with analysts on other shifts
Assist L1 SOC analysts to develop and improve their cyber security skills
Assist Team Leads with reporting, projects, monthly SOC Reports specific to respective projects
Review the SOC Analyst ticket queue and close or reassign tickets as needed
Maintain and track all information security related documentation to ensure it remains relevant, appropriate and up to date
Handle incoming SOC phone calls and triage calls that are not related to monitoring
Create daily Shift Handoff notes and summary and send to all shifts
Other duties as assigned by Team Leads and/or Operations Manager
Will float to cover various work schedules and perform monitoring duties as deemed required
Requirements
Diploma/Degree/Bachelor
2+ years of experience in Cyber Security / SOC support
Knowledge of networking (TCP/IP, switching/routing) and cyber security concepts
Experience working with ITSM / Smart IT ticketing systems
Security systems including firewalls, intrusion detection systems, anti-virus software, endpoint security and vulnerability management software
Knowledge of frameworks such as Cyber Kill Chain and Adversary Tactics, Techniques and Procedures
Candidate should possess the ability to work under pressure with tight deadlines, prioritize projects and tasks, and maintain focus in a dynamic environment
Preferred Qualifications
Diploma / Associate Degree in Computer Information Systems
CompTIA Network+ / Security+ Certification
Certified SOC Analyst Certification
Other IT security qualifications from recognised organisations
Experience with QRadar, Splunk or any other major SIEM or SOAR platform is desirable
Exposure to working with an MSSP is an advantage