Support daily monitoring, threat assessment, mitigation, and reporting activities to safeguard information assets
Support the team in publishing incidents, alerts, advisories, and bulletins as needed
Using a variety of tools and resources, perform system and network analysis of suspected or potential security incidents
Document all steps and techniques used during analysis in an incident database
Report discovered indicators of compromise so that internal defensive measures can be developed
Develop and maintain necessary procedures or scripts to identify cybersecurity incidents
Keep up to date with cybersecurity trends and capabilities
Assist the team in updating and maintaining standard operating procedures
Demonstrate familiarity and experience with a wide range of network and system detection, prevention, and analysis tools
Create detection use cases
Perform deep analysis and investigation of incidents
Complete other duties/responsibilities as assigned
Requirements:
Bachelor's or master's degree in a related discipline such as computer security, computer science, computer engineering, or information technology
5+ years of experience working for a Managed Security Services (MSS) provider in a Security Operations Center, computer emergency response team, or computer security incident response center
Understanding of cyber-attack techniques, vulnerabilities, and countermeasures
Ability to articulate security issues, analysis, and remediation techniques to internal and external customers
Problem-solving skills
Knowledge of Security Information and Event Management (SIEM) systems (QRadar, Splunk, and Microsoft Sentinel)
Network- and host-based intrusion detection and prevention systems (IDS/IPS)