Job Summary:
The incumbent will be responsible for monitoring, detecting, analyzing, and responding to security incidents within the organization. The incumbent will work closely with cross-functional teams in investigating potential security incidents and taking appropriate actions to protect the organization’s information systems.
Key Responsibilities:
Your responsibilities will include:
- contributing to the development and improvement of SOC processes, playbooks, and response strategies.
- monitoring security alerts and events from various sources, including SIEM, firewalls, endpoint protection, DLP, EDR and other security tools.
- analyzing network traffic, logs, and system activities to identify potential security threats and anomalies, and effectively monitoring Data Loss Prevention incidents to detect and prevent unauthorized data transfers or leaks for both local and international users.
- responding to security incidents by following incident response procedures, including containment, eradication, and recovery actions.
- documenting and reporting on incidents, providing detailed analysis and recommendations for future prevention.
- utilizing threat intelligence feeds to stay informed of the latest cyber threats and integrating relevant intelligence into monitoring and detection processes.
- assisting in the identification and assessment of vulnerabilities within the organization’s infrastructure, and generating reports on security metrics, incidents, and trends to inform management and support continuous improvement of security operations.
- participating in the evaluation and implementation of new security tools and solutions, and conducting regular reviews of security software compliance to identify any gaps or missing agents.
- managing and overseeing day-to-day activities, ensuring the timely completion of assigned tasks and projects.
- participating in training and development activities to enhance security skills and knowledge.
Qualifications:
You should have:
- a minimum of a bachelor's degree
- technical skills in Incident Detection and Response, Microsoft Sentinel (SIEM), Endpoint Detection and Response (EDR), Symantec Data Loss Prevention (DLP), Threat Intelligence, Malware Analysis, Forensics and Incident Investigation.
- relevant Microsoft and other IT certifications such as CompTIA Security+, SC-200 (Microsoft Security Operations Analyst), CEH (Certified Ethical Hacker)
- at least 5-10 years of relevant experience
- strong business knowledge, experience, and good communication skills.