- Lead the day-to-day work of the SOC, ensuring that security events and incidents are detected and responded to in line with established processes and procedures.
- Security Monitoring
- Continuously monitor and triage security events in the SIEM; perform investigations and analysis.
- Escalate tickets to business unit (BU) teams for containment and other mitigating actions.
- Gather, analyze, and interpret threat intelligence feeds to stay informed about the latest attack vectors, vulnerabilities, and emerging threats.
- Monitor real-time third-party security feeds, forums, and mailing lists to gather information on vulnerabilities and exploits relevant to the business.
- Produce actionable intelligence information for delivery to colleagues and customers in the form of technical reports, briefings, and data feeds.
- Provide security advisory services based on threat and vulnerability analysis.
- Conduct reactive threat hunts for potential malicious activity and incidents across the environment, on request, using network- and host-based tools (e.g., Carbon Black EDR, CrowdStrike EDR, Cortex XDR).
- Develop attack detection and response playbooks, defining countermeasures and strategies to mitigate emerging threats.
- Perform investigation and response to security incidents, gathering data and providing initial analysis.
- Participate in post-incident reviews to identify lessons learned and areas for process improvement.
- Analyze complex cases involving patterns of security events from the SIEM and other security data sources (Splunk experience preferred).
- Act as Incident Response Lead (IRL): organize the Incident Response Team and coordinate the response to security incidents through to resolution, following the Incident Response Plan (IRP).
- Deliver SOC reporting to support ongoing governance and continuous improvement.
Skills for Success
- Degree/Diploma or higher in Computer Science, Information Systems, Information Technology, Cybersecurity, or a related field.
- Minimum of 5 years of relevant experience in a SOC or related role, with hands-on experience in monitoring, triage, analysis, and incident management of real-time security events.
- Hands-on experience with day-to-day security operations using a SIEM and other SOC tools.
- Strong foundation in Internet protocols (TCP/IP), security concepts, security threats, and attack countermeasures.
- Ability to understand and analyze system and network logs.
- Analytical problem-solving and troubleshooting skills.
- Related certifications (e.g., CEH, GCIA, GCIH, CISSP) are an advantage.
Rewards that Go Beyond
- Full suite of health and wellness benefits.
- Ongoing training and development programs.
- Internal mobility opportunities.
Your Career Growth Starts Here. Apply Now!