SOC Analyst - Tier 1
at DTS Solution
Dubai, دبي, United Arab Emirates -
Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
---|---|---|---|---|---|---|---|
Immediate | 27 Jun, 2024 | Not Specified | 27 Mar, 2024 | 3 year(s) or above | Open Source,Edr,Netflow,Mdr,Proxy,Ips,Security Tools | No | No |
Required Visa Status:
Citizen | GC |
US Citizen | Student Visa |
H1B | CPT |
OPT | H4 Spouse of H1B |
GC Green Card |
Employment Type:
Full Time | Part Time |
Permanent | Independent - 1099 |
Contract – W2 | C2H Independent |
C2H W2 | Contract – Corp 2 Corp |
Contract to Hire – Corp 2 Corp |
Description:
QUALIFICATIONS
- 3+ years of experience of network/security architecture or operations experience
- Experience working on specific SOC/SIEM platforms
- Excellent experience in Elastic (ELK), Splunk, Wazuh, LogRhythm
- Experience in SOAR technologies – Demisto, Cybersponse, FortiSOAR, Swimlane
- Excellent experience in MDR or EDR
- Experience in using security tools – commercial and open source
- Experience in defensive technologies – NGFW, AV, VPN, IPS, NETFLOW, DAM, WAF, Proxy, Web Filtering etc. Ability to inspect using PCAP files.
- Knowledge with Threat Hunting and MITRE ATT&CK Methodology
QUALIFICATIONS
- 3+ years of experience of network/security architecture or operations experience
- Experience working on specific SOC/SIEM platforms
- Excellent experience in Elastic (ELK), Splunk, Wazuh, LogRhythm
- Experience in SOAR technologies – Demisto, Cybersponse, FortiSOAR, Swimlane
- Excellent experience in MDR or EDR
- Experience in using security tools – commercial and open source
- Experience in defensive technologies – NGFW, AV, VPN, IPS, NETFLOW, DAM, WAF, Proxy, Web Filtering etc. Ability to inspect using PCAP files.
- Knowledge with Threat Hunting and MITRE ATT&CK Methodology
How To Apply:
Incase you would like to apply to this job directly from the source, please click here
Responsibilities:
ROLE AND RESPONSIBILITIES
- Work as a Cyber SOC Tier 1 Analyst in DTS Solution – HawkEye CSOC cyber command center.
- The security analyst Tier 1 monitors security events from the various SOC entry channels (SIEM, Tickets, Email and Phone), based on the security event severity, escalate to managed service support teams, tier 2 security analyst, and/or customer as appropriate to perform further investigation and resolution.
- Reviews trouble tickets generated by SIEM Leverages emerging threat intelligence (IOCs, updated rules, etc.) to identify affected systems and the scope of the attack.
- Reviews and collects asset data (configs, running processes, etc.) on systems for further investigation.
- Will actively monitor security threats and risks, provide in-depth incident analysis, evaluate security incidents, and will provide proactive threat research.
- Work closely with the Tier 2 Analyst to assess risk and provide recommendations for improving DTS Solution - HawkEye CSOC’s customer security posture.
- Participate in security incident management and vulnerability management processes. Identify, perform, review or track security incident investigations to resolution and identify lessons learnt.
- Identify, perform or review root cause analysis efforts following incident recovery to enhance operations.
- Participate in evaluating, recommending, implementing, and troubleshooting security. solutions and evaluating IT security of the new IT Infrastructure systems.
- Ensure that corporate data and technology platform components are safeguarded from known threats.
- Develop, implement and test new SIEM use cases. Regularly identify and develop new use cases for automation and tuning of security tools
- Provide technical guidance to the customer’s technical teams during the configuration of new log sources.
- Understanding and implementing the SOC processes and procedures.
- Follow standard operating procedures for detecting, classifying, and reporting.
- Triage events for criticality and escalate according to predefined processes incidents under the supervision of Tier 2 and Tier 3 staff.
- Communicate effectively with customers, team-mates, and management.
- Provide input on tuning and optimization of security systems.
- Follow ITIL practices regarding incident, problem and change management.
- Document and maintain customer build documents, security procedures and processes.
- Stay up to date with current vulnerabilities, attacks, and countermeasures.
- Reviews the latest alerts to determine relevancy and urgency.
- Creates new trouble tickets for alerts that signal an incident and require Tier 2 / Incident Response review.
- Manages and configures security monitoring tools (SIEM, SYSLOG, NETFLOW, FIM, SYSMON etc.)
ROLE AND RESPONSIBILITIES
- Work as a Cyber SOC Tier 1 Analyst in DTS Solution – HawkEye CSOC cyber command center.
- The security analyst Tier 1 monitors security events from the various SOC entry channels (SIEM, Tickets, Email and Phone), based on the security event severity, escalate to managed service support teams, tier 2 security analyst, and/or customer as appropriate to perform further investigation and resolution.
- Reviews trouble tickets generated by SIEM Leverages emerging threat intelligence (IOCs, updated rules, etc.) to identify affected systems and the scope of the attack.
- Reviews and collects asset data (configs, running processes, etc.) on systems for further investigation.
- Will actively monitor security threats and risks, provide in-depth incident analysis, evaluate security incidents, and will provide proactive threat research.
- Work closely with the Tier 2 Analyst to assess risk and provide recommendations for improving DTS Solution - HawkEye CSOC’s customer security posture.
- Participate in security incident management and vulnerability management processes. Identify, perform, review or track security incident investigations to resolution and identify lessons learnt.
- Identify, perform or review root cause analysis efforts following incident recovery to enhance operations.
- Participate in evaluating, recommending, implementing, and troubleshooting security. solutions and evaluating IT security of the new IT Infrastructure systems.
- Ensure that corporate data and technology platform components are safeguarded from known threats.
- Develop, implement and test new SIEM use cases. Regularly identify and develop new use cases for automation and tuning of security tools
- Provide technical guidance to the customer’s technical teams during the configuration of new log sources.
- Understanding and implementing the SOC processes and procedures.
- Follow standard operating procedures for detecting, classifying, and reporting.
- Triage events for criticality and escalate according to predefined processes incidents under the supervision of Tier 2 and Tier 3 staff.
- Communicate effectively with customers, team-mates, and management.
- Provide input on tuning and optimization of security systems.
- Follow ITIL practices regarding incident, problem and change management.
- Document and maintain customer build documents, security procedures and processes.
- Stay up to date with current vulnerabilities, attacks, and countermeasures.
- Reviews the latest alerts to determine relevancy and urgency.
- Creates new trouble tickets for alerts that signal an incident and require Tier 2 / Incident Response review.
- Manages and configures security monitoring tools (SIEM, SYSLOG, NETFLOW, FIM, SYSMON etc.)
REQUIREMENT SUMMARY
Min:3.0Max:8.0 year(s)
Information Technology/IT
IT Software - Network Administration / Security
Other
Graduate
Proficient
1
Dubai, United Arab Emirates