SOC Analyst L2 at ITS Information Technology Solutions
Cairo, Cairo, Egypt
Full Time


Start Date

Immediate

Expiry Date

25 Sep, 26

Salary

0.0

Posted On

27 Jun, 26

Experience

2 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Security Incident Investigation, Log Analysis, Linux, Windows, Incident Response, Threat Hunting, Email Analysis, Triage, Remediation, Network Security, Client/Server Technologies, Audit Validation

Industry

Information Technology & Services

Description
Job Description: Candidates in this role will respond to events according to documented procedures and industry best practices. Ideal candidates should be experienced in networking, client/server technologies, and analyzing log files, with the ability to distinguish false-positive from true-positive events. Candidates must have experience with Linux and Windows operating systems. Candidates in this role may also be required to follow the incident response plan and assist SOC Response Analysts when necessary. Candidates must display enthusiasm for and interest in information security.

Standard Job Requirements:
- Provide advanced investigation of security incidents.
- Conduct secondary triage and analysis of escalated events and initial remediation of escalated incidents.
- Profile and trend events in the environment to determine whether an incident needs to be created.
- Provide communication and escalation throughout the incident per the corporate security incident response guidelines.
- Communicate directly with data asset owners and business response plan owners during high-severity incidents.
- Communicate with Infosec teams on detected incidents that breached SLA/OLA.
- Communicate with IT teams during incidents.
- Hunt for suspicious or anomalous activity based on alerts or data outputs from various toolsets.
- Perform advanced analysis of alerts.
- Perform advanced analysis of log files.
- Create, analyze and review reports and dashboards.
- Perform advanced suspicious email analysis, including mail header analysis and analysis of the body, content and attachments.
- Validate audit evidence (e.g. internal audit, group audit, PCI audit).
- Take an active part in the containment of incidents, even after they are escalated.
- Escalate issues when necessary as per OLA and procedures.
- Assist in continuous improvement of processes and work with IT teams to improve alerts and rules in the incident monitoring systems.
- Review all Level 1 Analyst documentation.
- Propose and enhance use cases.
- Assign tasks to L1 analysts.
- Perform administrative tasks per management request (ad-hoc reports / trainings).

Experience required: 2+ years of hands-on SOC experience covering the full spectrum of detection, analysis, investigation, alerting, reporting, and proposing remediation actions.
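As an added illustration of the "mail header analysis" duty listed above (example code written for this page, not part of the posting and not ITS's own tooling): a small Python triage script that reads a raw message, pulls the SPF/DKIM/DMARC verdicts from Authentication-Results, rebuilds the Received hop chain oldest-first, and flags the header-level mismatches an L2 analyst checks before opening any attachment. The sample message, the RFC 5737 addresses in it, and the "two indicators = escalate" threshold are all constructed for the example.

```python
# Added example: e-mail header triage in Python. Not part of the job posting;
# the sample message and the escalation threshold are constructed for illustration.
import email
import re
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample message (RFC 5737 documentation addresses; not a real phish).
SAMPLE = """\
Return-Path: <bounce@mail-notify.example.net>
Received: from mx1.corp.example (mx1.corp.example [203.0.113.10])
\tby inbox.corp.example with ESMTP id abc123
\tfor <user@corp.example>; Mon, 1 Jun 2026 10:00:05 +0000
Received: from relay.mail-notify.example.net (relay.mail-notify.example.net [198.51.100.7])
\tby mx1.corp.example with ESMTPS id def456;
\tMon, 1 Jun 2026 10:00:04 +0000
Received: from [192.0.2.44] (unknown [192.0.2.44])
\tby relay.mail-notify.example.net with ESMTPA id ghi789;
\tMon, 1 Jun 2026 10:00:01 +0000
Authentication-Results: mx1.corp.example;
\tspf=pass smtp.mailfrom=mail-notify.example.net;
\tdkim=fail header.d=corp.example;
\tdmarc=fail header.from=corp.example
From: "IT Helpdesk" <helpdesk@corp.example>
Reply-To: helpdesk-support@mail-notify.example.net
To: user@corp.example
Subject: Password expires today
Message-ID: <1@mail-notify.example.net>
Content-Type: text/plain

Your password expires today. Reset it at http://corp-example-login.example.net/reset
"""


def _unfold(value):
    """Collapse folded header whitespace into single spaces."""
    return " ".join(str(value).split())


def _domain(addr_header):
    """Domain part of the first address in a header value, lowercased."""
    _, addr = parseaddr(_unfold(addr_header or ""))
    return addr.rpartition("@")[2].lower()


def parse_auth_results(msg):
    """Collect spf/dkim/dmarc verdicts from Authentication-Results (first one wins)."""
    results = {}
    for ar in msg.get_all("Authentication-Results", []):
        for method, verdict in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", _unfold(ar)):
            results.setdefault(method, verdict.lower())
    return results


def received_chain(msg):
    """(host, ip) per hop, oldest first. Each MTA prepends its own Received line,
    so the header order is newest-first and the list is reversed at the end."""
    hops = []
    for rcvd in msg.get_all("Received", []):
        m = re.search(r"from\s+(\S+).*?\[(\d{1,3}(?:\.\d{1,3}){3})\]", _unfold(rcvd))
        if m:
            hops.append((m.group(1), m.group(2)))
    return list(reversed(hops))


def triage(raw):
    """Header-level checks an analyst runs before touching the payload."""
    msg = email.message_from_string(raw)
    findings = []

    auth = parse_auth_results(msg)
    for method in ("spf", "dkim", "dmarc"):
        if auth.get(method, "none") != "pass":
            findings.append(f"{method}={auth.get(method, 'none')}")

    from_dom = _domain(msg.get("From"))
    if from_dom and _domain(msg.get("Return-Path")) not in ("", from_dom):
        findings.append("return-path domain differs from From")
    if msg.get("Reply-To") and _domain(msg.get("Reply-To")) != from_dom:
        findings.append("reply-to domain differs from From")

    chain = received_chain(msg)
    if chain and chain[0][0].startswith("["):
        findings.append("originating hop has no hostname, only an IP literal")

    body = msg.get_payload() if not msg.is_multipart() else ""
    for url in re.findall(r"https?://[^\s<>]+", body):
        host = (urlparse(url).hostname or "").lower()
        if host != from_dom and not host.endswith("." + from_dom):
            findings.append(f"link host {host} is outside sender domain")

    # Two or more independent indicators is the (constructed) escalation threshold.
    verdict = "escalate" if len(findings) >= 2 else "likely benign"
    return {"auth": auth, "chain": chain, "findings": findings, "verdict": verdict}


if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(key, value)
```

The point of reading the Received chain oldest-first is that only the hop appended by your own MX is trustworthy; everything below it was written by the sender and can be forged, which is why the script pairs that chain with the Authentication-Results your own gateway stamped rather than trusting any single header.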
Responsibilities
The role involves performing advanced investigation, triage, and remediation of security incidents while hunting for anomalous activity. The analyst is also responsible for reviewing L1 documentation, enhancing use cases, and communicating with stakeholders during high-severity events.