SOC Threat Analyst

Our Company is growing rapidly, and we are looking for highly motivated individuals to work in a SOC environment leveraging SIEMs and security tools to assist in detecting potential security threats. The SOC analyst role is to monitor, detect and respond to security incidents. The role involves triaging, analyzing alerts, determining the criticality of the incidents, and escalating them accordingly.

• Continuously monitor security alerts from various sources such as firewalls, intrusion detection/prevention systems (IDS/IPS), Security Information and Event Management (SIEM) tools, and other security infrastructure.
• Respond to and investigate security incidents.
• Collaborate with senior SOC analyst on complex incidents and provide appropriate recommendation for remediation.
• Escalate incidents and concerns to higher-tier analysts or specialized security teams when necessary.
• Conduct detailed analysis of security events, logs, and alerts to determine the severity and root cause of incidents.
• Provide and maintain detailed records of incidents, actions taken, and outcomes for internal tracking and post-incident analysis.
• Gather and analyze threat intelligence to stay up to date on emerging cybersecurity risks and vulnerabilities.
• Collaborate with IT, network, and infrastructure teams to ensure appropriate measures are taken to prevent or mitigate future incidents.
• Assist in the tuning and optimization of security tools, systems, and processes to improve detection capabilities.
• Participate in regular team meetings, training sessions, and knowledge-sharing activities to improve team performance and security posture.

Diploma or Bachelor’s degree in Cybersecurity, Information Technology, or related field, or equivalent work experience.

• CompTIA Security+
• Certified Information Systems Security Professional (CISSP)
• Certified Ethical Hacker (CEH)
• or similar certifications.

• Strong understanding of networking protocols and concepts (TCP/IP, DNS, HTTP/S, etc.).
• Experience with SIEM platforms (e.g., Splunk, ArcSight, QRadar, or similar tools) would be preferable.
• Ability to investigate and analyze security incidents with attention to detail.
• Good communication skills for documenting and reporting incidents.
• Ability to work in a fast-paced, high-pressure environment.

• Knowledge of common attack vectors, including but not limited to malware, phishing, DDoS, and APTs (Advanced Persistent Threats).
• Knowledge in various cyber defense methodology and frameworks (i.e., Mitre ATT&CK, etc).
• Familiarity with operating systems (Windows, Linux) and networking devices (routers, switches, firewalls).

• Critical thinking and problem-solving abilities.
• Ability to prioritize and manage multiple tasks effectively.
• Strong teamwork and collaboration skills.

The working hours will change as we grow. Currently we are looking for individuals who are able to work on 12 hour shift.