Job Description
- Proven Experience:
- A minimum of one year of experience in a dynamic and fast-paced Security Operations Center (SOC) environment.
- Security Monitoring:
- Diligently execute day-to-day security monitoring in strict adherence to security policies and standards, initiating interaction tickets where necessary.
- Alert Management:
- Vigilantly monitor the alert queue from various technologies integrated into our SIEM solution, following detailed procedures to address each alert type effectively.
- Incident Documentation and Communication:
- Create and document alerts and incidents when required, demonstrating excellent writing skills and a high level of organization. Your ability to communicate and collaborate with the team must be exemplary.
- Escalation Process:
- Gather data and context essential for initiating Level 2 escalation, ensuring compliance with established documentation, such as Alert Playbooks.
- Reporting:
- Produce both scheduled and ad-hoc reports with accuracy and attention to detail.
- Collaboration for Service Improvement:
- Work in close collaboration with Level 2 team members to contribute to the ongoing enhancement of the SOC services.
- False Positive Mitigation:
- Actively engage with Level 2 Analysts to help reduce false positives, providing reports and insights on alerts that contribute to environmental noise.
- Phishing Case Handling:
- Demonstrate a clear understanding of how to manage phishing threats, including a thorough explanation of several cases you have effectively resolved.
Note to include: We expect you to have worked for at least one year in a fast-paced environment and to be able to explain in detail real-world cases you have come across. We will evaluate several aspects during the interview to get to know you and assess whether you are a good fit for the team.