ewandzdigital Inc. - Security Operations Center Analyst I - SIEM (3-5 yrs)

Responsibilities :

- Monitor and analyze security alerts from SIEM, SOAR, IPS, firewalls, WAF, and other security tools to identify potential threats and vulnerabilities.

- Investigate security incidents, analyze logs, and correlate data to determine the root cause and scope of the issue.

- Assist in incident response procedures, following established protocols to contain and remediate security threats.

- Manage and analyze network traffic to identify suspicious activity and mitigate potential risks.

- Troubleshoot network and security issues to ensure the smooth operation of our IT infrastructure.

- Participate in vulnerability management processes, ensuring timely software updates and patching of security vulnerabilities.

- Maintain up-to-date knowledge of the latest cyber threats and security best practices.

- Document security incidents, findings, and resolutions for future reference and continuous improvement.

Technical Skills (Must-Have) :

- Proficiency in security tools, including SIEM, endpoint security solutions, firewalls, and basic knowledge of IDS/IPS.

- Working understanding of Windows, Linux, and virtualization concepts.

- Solid understanding of TCP/IP networking protocols and network security principles.

- Strong analytical and problem-solving skills to investigate and troubleshoot security incidents.

- Excellent communication and collaboration skills to work effectively with the security team and other IT departments.

Technical Skills (Good to Have) :

- Experience with security information and event management (SIEM) tools (e.g, Splunk, ELK Stack) is a plus.

- Familiarity with security orchestration, automation, and response (SOAR) tools is a plus.

- Certifications in security (e.g, Security+, CCNP Security, Fortinet NSE) are a plus