Security (SOC) Analyst

The Bank’s entire operations are managed by the COO Division, headed by the Chief Operating Officer. It aims to provide top-tier service to both in-house and external clients, ensuring efficient operations at optimal costs. The COO division includes Operations, Finance, Information Management, Human Resources, and Logistics. COO employees are dedicated to delivering professional, proactive, and high-quality services that align with the Bank’s overall strategy.

Mission

The security analyst will support the Bank's efforts to enhance its detection and response capabilities by maintaining or developing detection logic, monitoring security events, and investigating related incidents.

Main Responsibilities

1. Analyze and investigate various security events to identify incidents.
2. Document each incident with detailed logs, alarms, and indicators.
3. Perform or recommend remediation actions, including system management, configuration changes, and tuning detection mechanisms.
4. Develop and implement detection mechanisms into monitoring tools.
5. Fine-tune SIEM rules to reduce false positives and negatives.
6. Collect global threat intelligence and internal threat data to enhance security configurations across the Bank.
7. Research and monitor security information to identify potential threats proactively.
8. Participate in projects designing and implementing security solutions, including log and event management systems, with administration, tuning, and optimization of security tools.

Personal Skills

1. Self-motivated with the ability to work independently and collaboratively.
2. Strong critical thinking, analytical, and problem-solving skills.
3. Curious with a willingness to learn continuously.
4. Excellent interpersonal skills to coordinate with various IT and Security teams.
5. Discreet and rigorous in work approach.

Education

• Bachelor’s Degree
• Certifications: SANS training, OCSP, CEH
• Technical Skills: IT Security

Experience

• 3-7 years of experience (intermediate level)
• Knowledge of networking principles and hands-on experience with IDS/IPS, Firewalls, VPNs, and similar security products.
• Experience with SIEM tools, creating detection rules, and operational maintenance.
• Understanding of Operating Systems and Sandbox Static Analysis.
• Knowledge of security infrastructure, log analysis, and data sources such as firewalls, IDS, Windows, authentication systems, antimalware, EDR, email security, and virtualization.
• Proficiency in scripting languages like Python, PowerShell, Ruby, or Perl.
• Experience in private banking is optional but advantageous.

Languages