Job Description
- Proven Experience: A minimum of 2-3 years of experience in a dynamic and fast-paced Security Operations Center (SOC) environment.
- Advanced Incident Investigation: Investigate escalated incidents and coordinate with external threat intelligence services for deeper insight.
- Comprehensive Contextual Analysis: You are already used to searching for data, you understand how systems talk to each other, and you can identify abnormal behaviour.
- Playbook Development and Optimization: Create advanced automated response actions within playbooks for rapid threat neutralization.
- Proactive Threat Hunting: You have threat hunting experience, you know how to search threat intelligence sources, and you can prioritize the indicators most relevant to the environments you work with.
- Threat Intelligence Management: You are expected not only to monitor threat feeds but also to interpret them and integrate them into the organization's security posture.
- Digital Forensics and Cyber Activity Reporting: In addition to recovering information, the role requires expertise in advanced forensics, including cross-platform investigations; you should be familiar with Windows and at least one other platform.
- Security Audit Leadership: The candidate should be capable of leading audit reviews and implementing corrective actions to mitigate identified security issues.
- Incident and Report Management: Manage complex incidents involving cross-functional teams and communicate findings to stakeholders.
- Security Analytics: Proficiency in customizing and creating advanced queries within the SIEM and other security tools to identify subtle anomalies.
- Risk and Incident Reporting: Must be able to provide strategic insights on risk trends and prepare executive summaries on incident impact and response effectiveness.
- Crisis Management Collaboration: Beyond supporting crisis response, the candidate should be able to lead the initial response to incidents and coordinate with SOC Level 3 analysts.
- Continuous Threat Hunting: Designing and implementing threat hunting missions based on current threat landscape and intelligence.
- Metrics and Trend Analysis: The analyst should be skilled in trend correlation to improve security measures and help the SOC Level 3 with proactive work.
Note: We expect you to have worked for at least 2-3 years in a fast-paced environment and to be able to explain in detail real-world cases you have come across. We will evaluate several aspects during the interview to get to know you and assess whether you are a good fit for the team.