SOC Administrator
Rapsys Technologies
posted 28d ago
Key skills for the job
Experience: 3-4 years in a SOC Admin, SIEM Administrator or SOAR Administrator role.
The Use-Cases Factory worker is responsible for:
- Developing and deploying use-cases in our SIEM to detect security threats, covering the full chain from log collection to the incident-handling playbook. Fine-tuning detection rules to minimize false positives and false negatives.
- Maintain detailed documentation of use-cases, ensuring transparency and accountability.
- Managing the execution of standard procedures for content management, change management and lifecycle management of the use-cases.
- Work closely with other IT and security teams to develop specific use cases and to enhance the overall security posture of the organization. Share insights and recommendations to improve overall cybersecurity posture.
- Regularly review and update use-cases to adapt to the evolving threat landscape and incorporate new threat intelligence.
- Managing reports, dashboards and metrics for CyberSOC KPIs and presenting them to senior management and other stakeholders.
Skills:
- Bachelor's degree in Computer Science, Information Security, EXTC or related field.
- Relevant certifications (e.g., CISSP, CCSP, CompTIA Security+) are highly desirable.
- Proven experience (3+ years) working within the Cybersecurity field, with a focus on developing and managing use-cases.
- Excellent understanding of, and proven hands-on experience with, SIEM/SOAR concepts such as log collection, correlation, aggregation, normalization, parsing, playbooks and layouts.
- Experience with Palo Alto XDR and/or other SIEM platforms such as Sentinel, QRadar, Splunk, ArcSight, etc.
- Experience with Palo Alto XSOAR and/or equivalent SOAR platforms such as Resilient, Phantom, etc.
- Proficiency in scripting languages (e.g., Python, Bash) for automation and customization of security processes is highly desirable.
- Deep understanding of various cyber threats, attack vectors, and defense mechanisms.
Employment Type: Full Time, Permanent