Network Security Engineer / Incident response engineer / SOC Analyst

The Security Operations Center (SOC) Analyst Level 2 position is assigned to the Enterprise Information Security team. The primary purpose of this position is to help monitor and report on cyber incidents impacting NetApp, as well as analyse security events detected by the L1 analysts. This position involves critical duties and responsibilities that must continue to be performed during crisis situations and contingency operations, which may necessitate extended hours of work.

Knowledge of various security methodologies and processes, and technical security solutions (SIEM, firewall and intrusion detection/prevention systems) Knowledge of TCP/IP Protocols, network analysis, and network/security applications System and/or network administrator skills in Cloud environment Knowledge of common Internet protocols and applications Ability to multi-task, prioritise, and manage time effectively Strong attention to detail Excellent interpersonal skills and professional demeanour Excellent verbal and written communication skills Excellent customer service skills Proficient in Microsoft Office applications SQL knowledge highly desirable Knowledge of Malware Reverse Engineering. Good to have a CEH, GCIA, GCIH, GCFA, GCFE or other related certifications.

Responsible for working in a 24x7 Security Operation Center (SOC) environment Review the latest alerts to determine relevancy and urgency Review trouble security tickets Should be ready to work during night shift (06:00 AM to 3:00 PM OR 2:00 PM to 11:00PM or 10:00PM to 7:00AM) Leverage emerging threat intelligence (IOCs, updated rules, etc.) to identify affected systems and the scope of the attack Review and collect asset data (configs, running processes, etc.) on these systems for further investigation. Investigate alerts from SIEM, EDR, XDR and other security tools across physical and cloud environments. Determine and direct remediation and recovery efforts of security incidents. Provide analysis and trending of security log data from many heterogeneous security devices Provide threat and vulnerability analysis as well as security advisory services Analyse and respond to previously undisclosed software and hardware vulnerabilities Investigate, document, and report on Information Security issues and emerging trends Coordinate with L2, L3, IR analysts on activities impacting NetApp Integrate and share information with other analysts and other teams Comply with and update SOC Run Books, as needed Actively participate and guide team in Threat Hunting activities.

Requires a minimum of 7 years of related experience with a Bachelor’s degree; or 2 years and a Master’s degree; or a PhD without experience; or equivalent work experience. Minimum of at least 5 years' experience as a Security/Network Administrator or equivalent knowledge.