Job Brief:
Responsible for monitoring the different security systems utilized in a SOC environment to ensure the timely detection of security incidents. This position involves performing daily operational security-related tasks (monitor, investigate, escalate and respond).
Key Responsibilities:
- Actively monitor security alerts from the SIEM and other security tools to identify potential threats.
- Perform initial analysis to assess the severity and validity of alerts.
- Escalate incidents that require advanced analysis or response to L2 analysts or relevant teams.
- Review and analyze logs from various sources, such as firewalls, servers, and endpoints, to detect suspicious activity.
- Prepare and maintain periodic reports on security incidents and events for internal teams and stakeholders.
- Respond to customer requests for information or support regarding security incidents or events.
- Assist in maintaining SOC tools, dashboards, and processes under supervision.
- Stay informed about the latest cybersecurity threats and attack vectors.