Security Operations Center (SOC)

Job Description

<p><strong><u>Job purpose:</u></strong></p><p>Reviews the latest alerts to determine relevancy and urgency. Creates new trouble tickets for alerts that signal an incident and require Level 2 / Incident Response review. Manages and configures security monitoring tools (net flows, IDS, correlation rules, etc.) in a 24x7x365 shift role.</p><p><strong><u>Key Accountabilities:</u></strong></p><ul><li>24 x 7 x 365 monitoring of security events and log-source availability</li><li>Security incident triage and escalation</li><li>Reporting false positives and recommending new use cases</li><li>Providing SOC infrastructure tuning feedback</li><li>Monitoring brand protection reports and portals</li><li>Monitoring dashboards and rules triggered by SOC monitoring tools to invoke the incident-handling process</li><li>Monitoring the health of the SOC monitoring tools through their administrative dashboards</li><li>Acknowledging alerts generated by SOC monitoring tools</li><li>Performing initial analysis of triggered alerts, or of anomalies observed on the dashboards, before escalating to the SOC Analyst</li><li>Gathering the relevant information from SOC monitoring tools for each case, to serve as evidence and aid the SOC Analyst in further investigation</li><li>Tracking the lifecycle of the entire case/incident through to resolution</li><li>Generating daily reports and sending them to the concerned personnel within agreed timelines</li><li>Monitoring and performing Level 1 triage of security events received as alerts from the SIEM or other security tools</li></ul><p><strong><u>Education:</u></strong></p><ul><li>Bachelor’s degree in computer science or equivalent</li><li>Mandatory: CCNA Cyber Ops, CCNA Security</li></ul>