IT Engineer,Security,Intermediate

The Cybersecurity Analyst will be responsible for

• the handling, and escalation of, alerts which require technical triage and analysis. This may include web attacks, malware infections, and phishing campaigns, which have been identified by the Information Risk & Security team’s technology stack. Functional Responsibilities
• Experience Monitoring SIEM solutions and a variety of other security devices found in a SOC environment (e.g. Behavioral Analytics tools, IDS/IPS, log management tools, and security analytics platforms. • Creating and maintaining documentation for security event processing. • Acknowledge and handle the incoming security alerts.
• Use the internal ticketing system and dashboards to update the tickets/alerts accordingly and escalating them to the appropriate teams if necessary.
• Assist the Incident Response team on alerts escalated to them by the SOC team. • Develop/Update and follow Standard Operating Procedures (SOPs) and Playbooks to handle standard and out-of-band alerts.
• Report to the Incident Response Team quickly and efficiently regarding urgent matters. • Ensure ticket queues are always within satisfactory limits and all tickets are updated. • Provide On-Call Support for emergency or high severity issues.

• Qualifications Minimum education and work experience required for this position include: • Excellent verbal and written communication skills.
• Excellent analytical and problem-solving skills required.
• Minimum of 5+ years of experience in a SOC or Cybersecurity.
• Equivalent Certifications (Network+, Security+, CySA+, GSEC, GMON, etc.)
• Experience working with SIEMs and evaluating SIEM alerts, EDR , NDR
• Experience leveraging core security and infrastructure technologies during investigations (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS/IDS) Key Competencies
• Ability to think with a security mindset. The successful candidate has a good IT background with good level knowledge of multiple relevant security practice areas (anti-malware solutions, patch and vulnerability management, network security; monitoring; endpoint, etc.) • Knowledge of TCP/IP Protocols, network analysis, and network/security applications. • Good knowledge of various security tools and monitoring devices; e.g. able to read and understand IDS/IPS/Firewall/Proxy logs and determine the current state of play.
• Experience in correlating malware infections with attack vectors to determine the extent of security and data compromise.
• Ability to work in a time-sensitive environment; must be detail oriented and able to multitask to meet deadlines and company objectives.
• Experience in large, geographically diverse enterprise networks.
• Ability to build lasting relationships with partner teams and stakeholders.
• Strong written and oral communication skills, including the ability to interact directly with customers that do not have an IT background.
• Documentation; experience in writing reports and documenting tickets efficiently and accurately.