CSOC Analyst

Key Accountabilities

• Active monitoring of system logs and network traffic for unusual activity and provide recommendations for remediation
• SIEM and NGAV/EDR Administration, Centralized Log Collection and Management
• Continuous monitoring and review of security events, reports, alerts and CSOC dashboards to identify anomalous patterns indicative of potential security incidents
• Responsible for timely and effective response to, and management of, incidents, events, notifications, calls and other activities related to CSOC including Root Cause Analysis
• Gather relevant information and provide actionable intelligence on potential cyber security threats and incidents
• Prepare CSOC reports (for presentation if needed) on daily, weekly and monthly KRIs
• Responsible for creation and fine-tuning of use-cases and alerts in the CSOC monitoring environment
• Perform regular health checks on all CSOC systems and tools and ensure that all hosts are monitored and required security event logs are being collected
• Build, support and update the CSOC playbooks/processes

Skills

Other Accountabilities

Required Qualifications:

• Ability to identify and solve problems quickly and implement mitigations/remediation
• Ability to think outside the box and look at situations from all angles
• Ability to analyze multiple pieces of data/information from different sources to identify issues

Preferred Experience:

• B.Sc. degree in computer science/engineering or a related technical field
• Experience in IT System Administration, Network Security or monitoring or similar.
• Technical background across IT network technologies and protocols including routing, TCP/IP, UDP, DNS, SMTP, HTTP/S, SSH, PKI, proxy, etc.

Education

• Bachelor’s degree in Computer Science or equivalent