IT Security Operation Center (SOC) - L2 (IT Consulting)

Job Openings

We are assisting one of our clients, an IT Consulting company, and they are currently looking for an IT Security Operation Center (SOC) - L2.

• Incident Response and Investigation:
  • Perform in-depth investigations of security incidents, analysing security alerts, and developing incident reports.
  • Analyse security events from various sources, including SIEM tools, intrusion detection systems, firewalls, and antivirus software.
• Threat Detection and Analysis:
  • Identify and classify security threats based on their severity and potential impact on the organization.
  • Monitor and respond to real-time security alerts, escalating incidents to higher-level analysts or management as necessary.
• Security Tool Management:
  • Manage and fine-tune security monitoring tools to enhance detection capabilities.
  • Assist in creating and updating playbooks for incident response and threat hunting.
• Collaboration and Communication:
  • Work with cross-functional teams, including IT, development, and compliance, to ensure a cohesive approach to security.
  • Communicate findings, risks, and recommendations to stakeholders clearly and effectively.
• Documentation and Reporting:
  • Maintain detailed documentation of security incidents, responses, and the overall security posture of the organization.
  • Contribute to regular security reports and metrics for management reviews.
  • Stay updated on the latest cybersecurity trends, threats, and best practices.
  • Participate in training and professional development opportunities to enhance skill sets and knowledge.

• Minimum 2 years of experience in Cyber security/SOC.
• Proficient in Incident Management and Response.
• In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
• Responsible for working in a 24x7 Security Operation Centre (SOC) environment.
• Provide analysis and trending of security log data from a large number of heterogeneous security devices.
• Analyze and respond to previously undisclosed software and hardware vulnerabilities.
• Investigate, document, and report on information security issues and emerging trends.
• Integrate and share information with other analysts and other teams.
• Knowledge of various operating system flavors including but not limited to Windows, Linux, Unix.
• Have experience operating SIEM Dashboard, Use Case and Policy related with alert/issue/vulnerability and other security issue.
• Have experience creating knowledge base/Playbook/Guideline for investigation process and every SOC process activity.
• Communicate effectively with Customer Existing.
• Knowledge about various tools like SIEM, Packet Analysis, HIPS/NIPS, ServiceNow Ticketing Toolset, Web Security, AV, UBEA, Advanced SOC.