Job Summary
The SOC Analyst will be responsible for the day-to-day monitoring of security feeds, performing initial triage of security alerts, and supporting the SOC Lead in maintaining the organization's security posture. This role involves technical analysis of security events across on-prem and cloud infrastructures to ensure timely detection and response to potential threats.
Key Responsibilities
Threat Detection and Monitoring
- Monitor security events and alerts from SIEM, SOAR, IDS/IPS, firewalls, antivirus, WAF, EDR, and DLP.
- Monitor network traffic for anomalies and unauthorized activities.
- Utilize centralized dashboards to track security feeds and ensure the reliability of monitoring tools.
- Assist in the testing and refinement of SIEM use cases and correlation rules.
Incident Response and Triage
- Perform initial triage and technical investigation of security alerts to determine severity.
- Assist in the execution of incident response plans, including containment and eradication steps.
- Support digital forensic analysis on compromised systems under the guidance of the SOC Lead.
- Document incident details and contribute to Root Cause Analysis (RCA) formulations.
Threat Intelligence and Hunting
- Identify and track Indicators of Compromise (IOCs).
- Monitor threat actor tactics, techniques, and procedures (TTPs) to stay ahead of emerging threats.
- Participate in proactive threat hunting activities to identify undetected malicious activity.
Reporting and Compliance
- Generate data for daily, weekly, and monthly security reports, including incident volume and downtime.
- Track key metrics such as Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR).
- Ensure all activities follow defined SLAs and security documentation standards.
Technical Skills and Experience
- SIEM/SOAR: Practical experience with tools such as Splunk, ArcSight, QRadar, or LogRhythm.
- Network Security: Solid understanding of IDS/IPS, firewalls, and WAF.
- Vulnerability Management: Experience using scanning tools like Nessus, Qualys, or OpenVAS.
- Cloud Security: Foundational understanding of AWS, GCP, or Azure cloud networks.
- Compliance: Basic knowledge of regulatory requirements like GDPR, HIPAA, or PCI-DSS.
Minimum Qualifications
- Education: BSc/BE in Information Technology, Cybersecurity, or related field.
- Certifications: CompTIA Security+, Certified Ethical Hacker (CEH), or GIAC Security Essentials (GSEC) preferred.
- Frameworks: Understanding of the ITIL framework.
About Straive
Straive (formerly SPi Global) is a market-leading content solutions company providing AI-driven solutions and technology services across 30 countries. We are an equal-opportunity employer committed to diversity, equity, and inclusion.
