We are seeking a proactive and skilled SOC Analyst with 4 to 5 years of experience in monitoring, detecting, analyzing, and responding to cybersecurity incidents. The ideal candidate will be responsible for handling day-to-day security alerts, ensuring adherence to security policies, and helping improve the overall security posture of the organization.
Key Responsibilities:
- Monitor and analyze logs, alerts, and security events using SIEM tools (e.g., Splunk, IBM QRadar, ArcSight, or Microsoft Sentinel).
- Detect and respond to security incidents such as phishing, malware infections, privilege escalation, and data exfiltration.
- Perform initial triage, investigation, and escalation of potential threats and vulnerabilities.
- Conduct incident response, including containment, eradication, recovery, and post-incident analysis.
- Work with other IT/security teams to investigate security breaches and identify root causes.
- Develop and maintain incident response documentation, standard operating procedures (SOPs), and knowledge base articles.
- Assist in threat hunting and proactive detection of advanced persistent threats (APT).
- Analyze threat intelligence feeds and correlate data with internal telemetry.
- Participate in vulnerability management by reviewing scan results and recommending remediations.
- Stay up-to-date with evolving threat landscapes and recommend improvements to detection and response capabilities.
Required Skills & Qualifications:
- 4-5 years of hands-on experience in a Security Operations Center (SOC) or equivalent cybersecurity role.
- Strong understanding of network protocols, operating systems (Windows/Linux), and security tools.
- Experience working with SIEM platforms, endpoint detection tools, and forensic analysis tools.
- Knowledge of cybersecurity frameworks (NIST, MITRE ATT&CK, ISO 27001).
- Familiarity with log analysis, packet capture tools (Wireshark), and threat intelligence platforms.
- Good communication skills and ability to document technical information clearly.
- Ability to work in a 24/7 or rotating shift environment (if required).
Preferred Skills (Good to Have):
- Experience with cloud security monitoring (e.g., AWS, Azure Security Center).
- Familiarity with SOAR tools and automated response workflows.
- Relevant certifications such as:
  - CompTIA Security+
  - CEH (Certified Ethical Hacker)
  - GIAC (GCIH, GCIA)
  - Splunk Certified User/Analyst
- Scripting skills (e.g., Python, Bash) for automating SOC tasks.