Amman, Jordan

Job Description

Roles & Responsibilities

  • Monitor Security Events: Continuously monitor security alerts from various security tools, including SIEM (Security Information and Event Management), IDS/IPS, firewalls, and endpoint detection systems.
  • Incident Response: Lead the investigation and triage of security incidents. Perform detailed analysis of security events, determine their severity, and coordinate an appropriate response to mitigate threats.
  • Threat Intelligence: Stay updated on the latest threat intelligence and trends. Analyze emerging threats and contribute to the development of proactive defense strategies.
  • Advanced Analysis: Perform deep-dive analysis of complex security incidents, conducting root cause analysis and providing actionable recommendations for resolution.
  • SOC Leadership: Mentor and guide junior SOC analysts, ensuring the team follows best practices and continuously improves their skills.
  • Reporting: Prepare and deliver detailed reports on security incidents, trends, and activities to senior management. Provide executive-level summaries and recommendations.
  • Collaboration: Work closely with cross-functional teams, including IT, network security, and risk management, to develop and implement security measures.
  • Threat Hunting: Proactively search for potential security threats and vulnerabilities across the organization's network and endpoints.
  • Documentation and Procedures: Maintain accurate documentation for security incidents, procedures, and processes. Regularly update the knowledge base to ensure continuity of operations and knowledge transfer within the team.
  • Security Tool Optimization: Assist in the tuning and optimization of security tools to improve detection accuracy and reduce false positives.

Desired Candidate Profile

  • Experience: 5+ years of experience in security operations or a related cybersecurity field, with at least 2 years in a senior or leadership role in a SOC.
  • Technical Knowledge: Strong understanding of security technologies, including SIEM, firewalls, IDS/IPS, endpoint protection, and vulnerability management tools.
  • Incident Response Expertise: Demonstrated experience in responding to security incidents and conducting thorough investigations.
  • Threat Intelligence & Analysis: Proficiency in threat intelligence sources, analysis techniques, and utilizing intelligence to inform defensive strategies.
  • Security Frameworks: Familiarity with industry standards and frameworks (e.g., NIST, ISO 27001, MITRE ATT&CK).
  • Certifications: Relevant certifications such as CISSP, CISM, CEH, GIAC, or CompTIA Security+ are highly desirable.
  • Strong Analytical Skills: Ability to analyze complex security incidents, interpret log data, and provide actionable insights.
  • Communication Skills: Excellent written and verbal communication skills, with the ability to clearly explain complex security concepts to technical and non-technical stakeholders.
  • Attention to Detail: Strong attention to detail and a proactive approach to identifying and mitigating threats.