Our Client is currently hiring an SOC Analyst.
The purpose of the role is to analyse security events and alerts and to gather and carry out remediation tasks on console for the Company’s clients through its toolsets, operational monitoring, preventative actions and crisis management.
Responsibilities:
- Conduct cyber intelligence operations including intelligence collection, tracking threat actors, identifying malicious behaviors and operations
- Works with customers, vendors and internal resources for problem resolution and security advisories
- Standardizes process and procedures and provides continual improvement
- Develops and maintain comprehensive documentation on incidents and analysis for clients and internal
- Compile security advisories for internal and external in document format with technical recommendations
- Use case writing, development and refinement for detection of threats
- Proactively search for rogue behavior, malicious attacks & suspicious activity
- Training of junior analysts
- Analyze threat feeds to produce daily/weekly/monthly Threat Intelligence brief and regular threat trend reporting
- Analyse security events/alerts and recommend remedial actions
- Analyse vulnerability scan data and recommend remedial actions
- Analyse trends across time and clients for remedial actions
- Provide analysis in contracted reports
- Healthchecks on monitored devices
- Analyse Network flow data & investigate deviations from baseline
- Pro-actively hunt for threats, vulnerabilities & suspicious activity
- Investigate suspicious emails for phishing attacks
Qualifications and experience required:
- Grade 12 (essential)
- Certification in IBM QRadar essential
- Experience analyzing phishing attacks
- CISSP, CEH, GPEN, OSCP or similar security certifications
- Experience producing reports and briefs on the current threat landscape and associated risks
- Experience monitoring third party security related websites, forums and social media sites for information regarding vulnerabilities and exploits
- Experience conducting malware analysis – usage of VirusTotal, etc
- Experience replicating reported vulnerabilities in a safe and contained environment to develop proof of concept and/or exploit tools
- Working Knowledge with the following technologies: Windows and Active Directory, Unix and Linux, Routers & Switches, Anti-Malware Systems, Relational Databases, Open Source Intelligence, Firewall, IDS/IPS, Vulnerability Management & Proxy management or solid understanding of these technologies
- 5 – 8 years work-related experience as a Level 1/2 Analyst
- SOC/SIEM systems Certifications – IBM Qradar essential
- Formal training in Networking and networking protocols – CCNA advantageous
- Experience in malware investigation advantageous
- Experience in server/network/firewall/ips administration
- Experience in a Security Operations Centre environment & a Network Monitoring environment
- Relevant Courses eg Security +, introduction to information security an advantage
- Understanding of the different types of Cyber Security Attacks & how to prevent them
Key competencies:
Knowledge:
- How to analyse data
- IBM – QRadar experience
- Must have an understanding of use cases
- Must have excellent problem-solving skills.
- Detailed technical knowledge of technology protocols (TCP/IP, SMB, SSH, etc.)
- Good knowledge of scripting languages
Skills:
- Communication skills (verbal and written – report writing, email and presentation)
- Problem-solving skills
- Customer orientation
- Planning and organising skills
- Analysing skills
- Writing and Reporting
- Learning and Researching
- Creating & Innovating
- Delivering Results & Meeting Customer Expectations
Personal Attributes:
- Presenting and Communicating Information
- Deciding and Initiating Action
- Coping with Pressures and Setbacks
- Applying Expertise and Technology
- Following Instructions and Procedures
- Ability to work well independently & productively with minimal supervision
About The Employer:
Red Ember Recruitment is currently hiring a SOC Analyst.