Tier 2 Security Operations Centre (SOC) Analyst

Job Requirements

Education: Bachelor’s degree

Work experience: 2 years

Language skills: English

Job Summary

Contract Type: Full time

REQUIRED EDUCATION, EXPERIENCE, AND SKILLS

Academic Qualifications:

  • University degree in Information Technology, Computer Science, Electrical Engineering or Telecommunications.

Professional:

  • Training in security event triage
  • Security certification, e.g. Security+, CySA+, CEH
  • Incident handler training/certification, e.g. ECIH
  • SIEM certification, e.g. Splunk, QRadar, Fortinet

Desired work experience:

  • Two years' experience in security and network infrastructure support in medium to large organizations.
  • Experience working with different SIEM solutions
  • Two years’ experience in security event triage and analysis.

Technical Competencies

  • Knowledge and experience of modern practices for IT infrastructure security architecture and operations in medium to large organizations, in order to provide guidance on incident handling.
  • Interpersonal skills to effectively communicate with and manage the expectations of customers (internal and external) and other stakeholders who impact performance.
  • Technical skills to effectively perform, or guide the performance of, analysis and incident handling tasks in a manner that consistently produces a high quality of service.

Behavioural Competencies

  • Self-empowerment to enable the development of the open communication, teamwork and trust needed to support a performance- and customer-service-oriented culture.
  • Leadership to nurture and sustain employee satisfaction, and to manage change.
  • Interpersonal skills to effectively communicate with and manage the expectations of customers (internal and external) and other stakeholders who impact performance.

KNOWLEDGE, SKILLS AND ATTRIBUTES:

  • Basic understanding and appreciation of technical design and business principles
  • Demonstrates fundamental project management and administration ability
  • Displays customer engagement skills
  • Demonstrates relevant domain specialist knowledge
  • Good verbal communication skills
  • Client focused, with a proactive approach to solving problems
  • Ability to work under pressure

Responsibilities

Incident Handler

  • Primarily responsible for incident response
  • Analyse and determine the incident response strategy to use in response to a declared incident.
  • Coordinate client CSIRT team activities to ensure incidents are resolved in a timely manner
  • Report on the status of incidents to the client and the business
  • Document incident response actions from detection to eradication and share them with the team for review and debrief, and to facilitate information sharing between TIC and other teams.
  • Provide management oversight of incidents detected by the SOC, and of escalations, according to the defined set of policies, processes, procedures and SLAs.

Analyst II role

  • Analyse events escalated by tier 1 analysts and approve, where necessary, further investigation of those events
  • Mentor tier 1 analysts to improve their decision-making and analysis of incidents
  • Correctly scope the extent and breadth of incidents by identifying IOCs, all infected hosts, and the root cause/patient zero
  • Review shift logs and handover reports for any escalations or key events that require urgent attention
  • Where possible, institute initial containment, eradication and recovery measures for declared incidents

Vulnerability Management

  • Review vulnerability reports for scans run by Analyst I
  • Refine reports and share them with clients, and organize sessions to guide clients on the closure of critical vulnerabilities

SIEM Support

  • Document noisy SIEM rules for review, to reduce false positives
  • Ensure uptime of agents and collectors
  • Work closely with the vendor to deliver the client reports and dashboards required
  • Document detection gaps for review and detection engineering

Automation Support

  • Review daily SOC activities to identify possible areas for automation
  • Work closely with the SOAR team in defining playbooks and testing automations.
