Soc Analyst
Sq1 Security Technology
posted 9hr ago
Job Overview:
We are seeking a motivated SOC Analyst with 2-4 years of experience to join our dynamic cybersecurity team. The ideal candidate should possess hands-on experience with both open-source and commercial SIEM tools and demonstrate expertise in monitoring, detecting, analyzing, and responding to cybersecurity incidents. This role involves working in a 24/7 Security Operations Center (SOC) environment.
Key Responsibilities:
Monitor and analyze security alerts generated by SIEM tools (open-source and commercial) and other monitoring solutions.
Investigate and triage security incidents to identify potential threats, vulnerabilities, or breaches.
Conduct threat analysis and incident investigations using tools such as Splunk, QRadar, open-source SIEMs, or similar platforms.
Assist in the creation and fine-tuning of SIEM rules, alerts, and dashboards to enhance threat detection capabilities.
Perform log analysis across various systems, including servers, firewalls, endpoints, and cloud services.
Document and report incidents, findings, and recommendations for corrective actions.
Collaborate with other teams to implement security controls and preventive measures.
Stay updated with emerging threats, vulnerabilities, and industry best practices.
Participate in post-incident reviews and contribute to improving SOC processes and procedures.
Required Skills:
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
2-4 years of experience in a SOC or equivalent role.
Practical experience in SOC monitoring, preferably using Microsoft Sentinel, Splunk, IBM QRadar, or open-source tools.
Strong understanding of network security, endpoint security, and cloud security principles.
Knowledge of log management, threat detection, and incident response processes.
Familiarity with scripting languages (e.g., Python, Bash) and automation tools.
Understanding of cybersecurity frameworks like MITRE ATT&CK, NIST, or ISO 27001.
Excellent problem-solving skills and attention to detail.
Certification such as CompTIA Cybersecurity Analyst (CySA+), Certified SOC Analyst (CSA), ECIH, or any other relevant certification.
Employment Type: Full Time, Permanent