Company Overview:
sirar is an advanced technology and cybersecurity company established by stc, the region’s ICT and digital services provider. sirar by stc is a cutting-edge cybersecurity provider that empowers organizations to take control of their cyber capabilities and digital environments, as experts in business security and privacy.
We offer a comprehensive range of solutions that help you to operate online safely, securely, and efficiently. The tools we provide help organizations detect and prevent cybersecurity attacks, safeguard their digital future, and provide protection and security from that point forward.
Key Responsibilities:
- Uses cybersecurity defense tools and technologies to continuously monitor, analyze and respond to system activity, identifying real-time customer cybersecurity events/incidents and determining possible causes as the 1st response level.
- Identifies, categorizes, prioritizes, investigates, and reports incoming alerts of cybersecurity events/incidents to MSOC customers as per defined MSOC processes, playbook & guidelines through official channels (sirar Ticketing System & MSOC Email).
- Prepares and generates the required MSOC Daily, Weekly & Monthly reports for stakeholders.
- Performs sweeps for indicators of compromise (IoCs), threats and types of attacks, and notifies MSOC customers of sweep results.
- Handles the customer’s tickets & emails on required alerts during the shift within SLA.
- Resolves false positive events in security solutions.
- Checks customer general logs and device logs, especially for critical devices, and reports for stakeholders.
- Opens/reassigns tickets to the MSS development team to implement the recommended actions that are approved by the MSOC customer and are under the MSS development team's case study.
- Reports unclear/noisy events and major incidents to the 2nd level for evaluation and action.
- Contributes to the overall success of the company by performing all other duties and responsibilities as assigned by line manager.
Academic Qualification:
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related discipline
Professional Certificate:
- Certificate in CCNA Security/CompTIA/Security+.
Years of Experience:
- 0-1 year of relevant experience.
Skills:
- Basic proficiency in recognizing vulnerabilities in security systems.
- Basic proficiency in using intrusion detection technologies to detect host and network-based intrusions.
- Basic proficiency in effectively recognizing and categorizing types of vulnerabilities and associated attacks.
- Basic proficiency in assessing security controls based on cybersecurity principles and tenets.
- Basic proficiency in effectively performing root cause analysis for cybersecurity issues.