Saturday, April 7, 2018

SOC Analyst Level II

Roles and Responsibilities

Monitor and analyze logs and alerts from a variety of technologies through the Splunk SIEM solution in order to identify security incidents affecting the enterprise:
•    IDS/IPS
•    Firewall
•    Proxies
•    Anti-Virus
•    Other security technologies

•    Assess the security impact of security alerts and traffic anomalies in order to build a broad view of the overall risk profile of the enterprise.
•    Report to the appropriate Level III incident handling staff or relevant sources to determine increased risk to the business.
•    Tune and create signatures and use cases in Splunk that are suitable to the environment.
•    Create customized dashboards using Splunk to ease monitoring and include relevant information.
•    Coordinate with infrastructure support teams to maintain/troubleshoot security tools and monitoring integrity.
•    Provide SOC services and consulting for domestic and international clients as required in support of NSSG customers.
•    Work rotational shifts if required.
•    Work as part of a team with similarly tasked analysts in a diverse, engaging, supportive and respectful manner.
•    Mentor and develop less experienced team members.
•    Maintain and create metrics for SOC functions.
•    Respond to requests for information in support of internal and external audits and examinations.
•    Research attempted or successful efforts to compromise systems security and design countermeasures.
•    Provide information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems.
•    Serve as a technical escalation point for complex security problems.
•    Supervise other SOC analysts in day-to-day duties and provide leadership by example and initiative.

•    Deep understanding of network topologies and security
•    Proven skills in technical writing, verbal communications, consulting, and problem solving in a rapidly changing technical environment
•    Proven experience being team-oriented and self-motivated, with a keen attention to detail and the ability to work independently
•    Ability to effectively communicate and work with individuals from diverse backgrounds or cultures

•    Must have a High School Diploma
•    Valid Driver’s License is required
•    2+ years in a SOC environment
•    2+ years’ experience with Splunk SIEM
•    3-5 years in the cybersecurity field
•    Bachelor’s Degree in Computer Science preferred

•    Certified Splunk Power User
•    Security certifications such as Security+, GMON, GCIH, GCIA, GSEC or similar are preferred
•    Vulnerability and application testing or penetration testing experience is a plus
•    Configuration and tuning of a Web Application Firewall is a plus
•    Endpoint security experience
•    Scripting experience (PowerShell, Perl, etc.)
•    Experience in PCI is preferred but not required. Experience with PCI DSS, SSAE-16 or any other security or auditing standards is a plus.
•    Experience with log aggregation and event correlation technologies is highly desirable

About the Company
National Security Services Group (NSSG) is a cyber security firm located in the Sultanate of Oman.

NSSG is designed to assist the private and government sectors in determining their in-depth threats and to provide solutions in coordination with our partners, which alleviates and reduces risk in today’s ever-growing world.

NSSG seeks only the best and most qualified personnel to lead companies and governments alike into the future.
