Soc Analyst

Summary:

The SecOps Engineer plays a crucial role in ensuring the security of an organizations IT infrastructure. This role is focused on monitoring, analyzing, and responding to security threats and incidents, while supporting the development and implementation of security policies and best practices. The SecOps Engineer will work closely with IT and other departments to ensure security measures are in place, assist in vulnerability management, and help investigate security breaches. This position requires a proactive and analytical mindset to stay ahead of emerging cybersecurity threats and technologies.

Key Responsibilities:

• Security Monitoring & Incident Response: Monitor and analyze security alerts, incidents, and events to identify potential threats or vulnerabilities in real-time. Respond promptly to security incidents, providing timely and accurate escalation and resolution.
• Vulnerability Assessment & Management: Conduct regular vulnerability assessments, identify risks, and assist with the implementation of vulnerability management processes to mitigate potential security threats.
• Security Tool Management: Support the maintenance and management of security tools and technologies such as firewalls, Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), and Mobile Device Management (MDM) systems.
• Security Policies & Protocols: Assist in the development, implementation, and enforcement of security policies, procedures, and protocols to ensure compliance with organizational and regulatory requirements.
• Collaboration & Best Practices: Collaborate with IT and cross-functional teams to ensure security best practices are followed, and security controls are implemented effectively across the organization.
• Investigation & Forensics: Assist in investigating security breaches and incidents, performing root cause analysis, and supporting incident response and forensics efforts to determine impact and prevent future occurrences.
• Emerging Cybersecurity Trends: Stay up-to-date with the latest cybersecurity threats, technologies, and best practices. Evaluate new tools and techniques to enhance security posture.
• Disaster Recovery & Incident Reporting: Contribute to the preparation and maintenance of disaster recovery plans, ensuring the ability to quickly recover from cybersecurity events. Document and report on incidents, emerging threats, and security posture.

Skills & Qualifications:

• Experience: 3+ years of IT experience, with a focus on security operations, incident response, or cybersecurity. Alternatively, a Bachelors degree in a related field (e.g., Information Security, Computer Science) may be considered.
• Cybersecurity Knowledge: Basic understanding of cybersecurity principles and practices, including threat detection, incident response, vulnerability management, and security controls.
• Security Tools Familiarity: Familiarity with security tools and technologies such as firewalls, EDR, SIEM, MDM, and intrusion detection/prevention systems.
• Analytical & Problem-Solving Skills: Strong analytical and critical thinking skills to identify and resolve security issues effectively and efficiently.
• Communication Skills: Excellent communication skills (both written and verbal) to report on security incidents, communicate with stakeholders, and collaborate with IT teams.
• Certifications: Relevant cybersecurity certifications (e.g., CompTIA Security+, Certified Ethical Hacker (CEH), or equivalent) are a plus and will be considered beneficial.
• Teamwork: Strong teamwork and collaboration abilities, working effectively with cross-functional teams to address security concerns.
• Attention to Detail: Keen attention to detail when performing security assessments, investigating incidents, and reviewing security alerts.
• Adaptability: Ability to stay up-to-date with the rapidly evolving cybersecurity landscape and adapt to new threats, tools, and technologies.

Desired Candidate Profile:

• Incident Handling: Experience in security incident handling, including detection, analysis, response, and documentation.
• Security Operations Center (SOC) Experience: Familiarity with SOC environments, threat analysis, and investigation of vulnerabilities and incidents.
• Security Tools Expertise: Experience with SIEM solutions for real-time monitoring and event correlation, and EDR tools for endpoint security management.
• Risk Management: Ability to assess, prioritize, and mitigate risks across an organization's systems and networks.
• Disaster Recovery & Business Continuity: Experience in contributing to disaster recovery and business continuity planning to ensure minimal impact during security incidents.