الوظيفة

حفظ وظيفة Security Operations Center Analyst Level 2 في Classified
Security Operations Center Analyst Level 2
Classified محافظة عمان الأردن الدوام من مقر الشركة

تقدّم الآن

حفظ
حفظ وظيفة Security Operations Center Analyst Level 2 في Classified

عرض المزيد من الخيارات
Cyber Security Operations Analyst – Level 2

We specialise in the provision of advanced threat detection and response systems combined with a unique outsourced management service that monitors your security on a 24/7 basis. Our customers trust us to provide practical, flexible and affordable solutions to protect and mitigate against the risks of cybercrime. We are a Microsoft Gold Partner and specialise in cyber security solutions utilising the Microsoft Security stack which include Defender & Sentinel.

Role Summary:

The Senior Security Operations Centre (SOC) Analyst assists in deploying, maintaining, tuning, monitoring, and managing security tools related to the Security Operations Centre. The Senior SOC analyst will function as a Level 2 analyst, and act as a mentor to other members of the team. The Tier 2 SOC analyst will review alerts from Level 1 analysts and network security devices, security information and event management and other tools as needed, works with other analysts to collect, correlate, and analyse security-relevant data, and respond to threats in a timely manner.

Roles & Responsibilities

Take full ownership of incidents escalated by Analyst level 1 or the SOC and control quality of actions performed
Investigate and analyse cybersecurity incidents and follow up action plans
Assist the modelling of new attack scenarios
Hunting for suspicious anomalous activity based on data alerts or data outputs from various toolsets
Ensure that all events, events of interest, exceptions and incidents are responded to in accordance with established SOC work instructions, including remedial action/recommendations.
Work closely with the Security Operations Centre to provide operational support and improve and mature use cases and playbook
Contribute to post-incident reviews to identify lessons learnt considering people, processes, and tools to identify improvements and control enhancements to better detect, protect, respond to and recover from a future cyber security incident
Ensure all Work Instructions and Processes are reviewed and remain current.
Collaborate on product and process improvements, including: Creating and improving analytics, workbooks, playbooks, threat hunts, etc.

Desired Experience (not essential):

Experience with developing and using a SIEM platform, preferably Microsoft Sentinel
Experience with managing and operating EDR platforms, preferably Microsoft Defender for Endpoint
Experience with vulnerability management processes and tooling
Experience with public cloud solutions, preferably Microsoft Azure
Experience with the full O365 stack, including management of the security and compliance features
Experience with threat hunting methodology and practical threat hunting processes and methods

Equivalent experience with other and similar software & tools is also beneficial.

Desired Certifications (not required but nice to have)

Blue Team Level 1 / Blue Team Level 2
Security+
CCNA/CCNP Security (or other tracks)
eJPT/eCPPT/OSCP
CISSP
Microsoft security certifications such as AZ-500 or SC-200 etc.

Reporting and Department:

The role will report directly to the SOC Managers & the Technical Director

Training

We required 3 x Microsoft Security Certifications to be obtained within 3-6 months which will be fully funded.

Hours of Work:

Night Shifts – 2 Week Rotation (Week 1 = 2 Nights, Week 2 = 5 Nights)

(Potential swap to day shifts as and when opportunity becomes available)

https://www.linkedin.com/jobs/view/2928687396

متطلبات الوظيفة

غير محددة

ساعات العمل

غير محددة

شارك هذه الوظيفة