Key Responsibilities:

• Assisting clients with monitoring, investigation and response to security incidents.

• Effectively assess security incidents, determine their severity level, and manage response efforts with efficiency and precision.

• Conduct research, analysis, and investigation of security alerts

• Maintain a comprehensive awareness of the current threat landscape, including malware, phishing attacks, and advanced persistent threats (APTs).

• Actively participate in post-incident reviews to identify lessons learned and recommend improvements to processes and technologies.

• Provide feedback and recommendations to enhance detection and response capabilities

• Participate in continuous improvement of security operations processes and toolsets

• Provide guidance and leadership to the team during critical situations, ensuring effective decision-making and response.

• Foster collaboration with cross-functional teams to enhance the overall security posture of the organization.

• Mentor and train junior analysts, sharing knowledge and best practices to strengthen team capabilities.

Requirements:

• Bachelor's degree in Computer Science, Information Technology, or a related field

• Preferably 2+ years of experience in a Security Operations Center (SOC) or related cybersecurity role

• Demonstrated ability to analyze, triage and remediate security incidents.

• Moderate knowledge in SIEM tools such as Splunk, Microsoft Sentinel or similar platforms, along with a solid understanding of various log sources and their functions.

• Moderate knowledge of security related technologies and their functions (Firewall, VPN, IDS/IPS, EDR, WAF, etc.)

• Experience in developing SOC use cases in SIEM to correlate diverse logs, including the creation of new monitoring use case logic and enabling effective investigation of security alerts and incidents.

• Experience in conducting investigations across various environments, including endpoints, networks, web applications, databases, and cloud resources

• Moderate knowledge of current threat landscape (threat actors, APT, cyber-crime, etc.)

• Knowledge of Cyber Threat Intelligence, including the analysis of intelligence alerts, threat hunting, and providing actionable recommendations.