Responsibilities:
- Monitor security systems and tools for alerts and anomalies.
- Follow established procedures to respond to security incidents, including gathering information and coordinating with relevant teams.
- Follow established incident response procedures and escalate critical incidents as needed.
- Analyze security logs and identify patterns or suspicious activities.
- Update incident management ticketing systems with accurate and timely information.
- Contribute to the development and improvement of security processes and procedures.
- Provide support to other SOC team members as required.
- Required to work in a shift rotation including weekends and holidays.
- Maintain detailed, written documentation of security incidents, investigations, and response actions.
Work Experience and Knowledge Requirement:
- Experience in Security Operations Center (SOC) environment.
- Experience with Microsoft Azure Sentinel.
- Ability to work in a fast-paced, 24/7 environment.
- Experience with security information and event management (SIEM) tools intrusion detection systems, firewalls, etc.
- Knowledge of common security threats and vulnerabilities.
- Familiarity with incident response methodologies.
- Scripting or programming skills (e.g., Python, PowerShell).
- Basic understanding of networking, operating systems such as Microsoft Windows and Linux, and security concepts.
- Knowledge of TCP/IP, firewalls, routers, switches
- Strong analytical and problem-solving skills.
- Attention to detail and ability to work effectively under pressure.
- Strong written and verbal communication skills in English
- Experience in operating system hardening to reduce attack surfaces.
Desired Skill:
- Knowledge of security standards and regulations (e.g., ISO 27001, ITIL, GDPR, CCPA).
- Certifications in cybersecurity (e.g., Security+, Network+, CompTIA CySA+).
- Experience with using Kali Linux
Education Requirement:
- Bachelor's degree in computer science, information technology, cybersecurity, or a related field.
