Job Description:

The Security Operations Centre (SOC) consists of a 24/7 incident response capability. The SOC Analyst's main objectives are to contribute, following a multidisciplinary approach, to the key SOC operational tasks: security incident detection, monitoring and response, and content delivery.

We are expanding our team in Best Plant and still have open positions for this role, so you should definitely consider applying.

Your role:

Incident Detection & Response:

  • Manage security incidents to conclusion
  • Perform forensic investigations

Monitoring:

  • Proactively identify potential cyber security threats, based on understanding normal activity

Content Delivery:

  • Develop content, such as scripts, use cases for SIEM, queries for log management or automated data gathering for forensics
  • Perform anomaly detection and malware hunting
  • Create overall situational awareness, combining outputs to be further used by the SOC

Maintaining Relevance:

The cyber threat landscape is constantly evolving, and SOC teams need to be able to manage the latest threats to the organization.

  • Keeping current with new and trending attacks
  • Ensuring that SOC tooling has an updated set of rules to help detect such attacks

You're the right fit if:

  • Prior experience working in a Computer Emergency Response Team (CERT/CIRT), an IT security environment or law enforcement.
  • Certifications such as GCIH, GCIA, GCFE, GCFA, GREM, OSCP or similar work experience are preferred.
  • Proficient knowledge of SIEM & SOAR platforms, log management, IDS/IPS and endpoint security solutions. Sufficient programming skills are a big plus. Thorough knowledge of network infrastructure, cloud, operating systems (both Windows and *nix), applications and protocols.
  • Communication skills, both verbal and written, as you should be able to communicate technical topics effectively.

Company:

PHILIPS