L1 SOC Analyst
Job Description
A role in the information security field as a Security Operations Centre Analyst.
The right candidate will have some experience or knowledge of fundamental information security concepts such as incident handling, SIEM, log analysis, networking, OS hardening, system administration, and cloud computing.
The right candidate will be able to demonstrate their knowledge through courses, projects, workshops, experience, and webinars attended.
The L1 SOC Analyst will work as part of a team on shift to provide continuous security monitoring and incident handling to Callsign.
Daily duties will include shadowing senior members of the team and acting as the first point of triage for security alerts within the SIEM. A clear progression matrix is provided to support professional development to an L2 SOC Analyst or Cyber Threat Intelligence Analyst.
This is a shift-based role providing 24/7/365 security services to the business.
The successful applicant will have a demonstrable passion for security and a willingness to progress within the role, supporting the SOC and Threat Intelligence teams with incident handling, threat and vulnerability management, security research, and producing cyber digests to be consumed internally.
Responsibilities
• Security monitoring and incident handling across a complex network
• Support use case development of detection analytics
• Conduct research into new threats, identifying new IOC/TTPs and threat groups affecting the business
• Escalation of security alerts to L2 Analysts
• Support handover process between shifts
• Providing initial triage of security alerts and taking responsive actions
Skills
• SOC / Pen-Tester / Purple Team / Threat Intelligence / Threat Hunting or similar background, or demonstrable experience through self-study
• Hold at least one of the following certifications/courses (or be working toward one, or similar): SANS, MITRE ATT&CK, or CompTIA CySA+/Sec+/Net+
• Minimum of 1-2 years’ experience within a similar role, or demonstrable relevant experience through self-study
• Experience with FortiSIEM, IBM QRadar, EDR, FW, NDR, WAF, Proxy and Cloud Security is highly desirable
• Understanding of the incident response phases
• Basic understanding of log/memory/pcap analysis
Job Details
- Job Location: Abu Dhabi, United Arab Emirates
- Company Industry: IT Services; Software Development
- Company Type: Employer (Private Sector)
- Employment Type: Full Time
- Monthly Salary: Unspecified
- Number of Vacancies: 2