Job Description
Client & Project: We are seeking a new talent to join the Security team where you will have the opportunity to collaborate in the managed service project. The client is a leading financial institution offering a wide range of services, including banking, investment, and insurance solutions. Responsibilities: As a SOC analyst, you will be responsible for security alert monitoring, investigation, and triage, often handling events following predefined playbooks. Key responsibilities include using SIEM tools to analyze alerts, determining if they are false positives or actual threats, and escalating confirmed incidents to higher-level analysts. Monitor security alerts from various systems like SIEMs and EDRs. Perform initial investigation and analysis of security alerts to identify true threats versus false positives. Follow established playbooks and runbooks for incident handling. Escalate confirmed incidents to Level 2 analysts according to established service-level agreements (SLAs). Correlate logs from multiple sources to verify incidents. Document all actions taken during an investigation. Communicate with stakeholders about security events. Technical knowledge: Familiarity with Security Information and Event Management (SIEM) platforms like Splunk, Sentinel, Google SecOps, etc Basic understanding of network security concepts and technologies (e.g., firewalls, IDS/IPS). Knowledge of security tools like Endpoint Detection and Response (EDR) and SOAR platforms is beneficial. Familiarity with operating systems, including log analysis on Windows and Linux. Understanding of cybersecurity frameworks like MITRE ATT&CK & NIST Requirements: Typical requirements are 0-2 years of experience, knowledge of security concepts like phishing and malware Basic understanding of security tools (SIEM, EDR), Good communication skills, both written and verbal, for documentation and reporting. Certifications: CompTIA Security+, Certified SOC Analyst, or other relevant certifications
