SME - Security Investigations, SIEM

Job Summary

Role Overview

The SOC Analyst is responsible for proactive threat hunting, vulnerability assessment, and supporting remediation activities arising from Vulnerability Assessment (VA) and Penetration Testing (PT) exercises. This role operates within a Security Operations Center and collaborates with cross-functional teams to strengthen enterprise security posture.

Key Responsibilities

Key Responsibilities

• Conduct proactive threat hunting using SIEM, EDR, and threat intelligence feeds.

• Analyze security alerts and identify indicators of compromise (Io Cs).

• Support vulnerability scanning across infrastructure, applications, and cloud environments.

• Identify vulnerabilities including missing patches, misconfigurations, and insecure applications.

• Perform triaging, prioritization, and risk-based classification of vulnerabilities.

• Coordinate remediation activities with IT and application teams.

• Track remediation progress and ensure closure within SLA timelines.

• Validate fixes through re-scanning and verification mechanisms.

• Support VA/PT exercises by analyzing findings and recommending mitigation measures.

• Document findings, response actions, and security incidents in tracking systems.

• Collaborate with Incident Response teams during critical or high-severity cases.

Threat Hunting Responsibilities

• Develop hypotheses based on threat intelligence and past incidents.

• Search for anomalous behavior across endpoints, networks, and logs.

• Continuously improve detection rules and hunting strategies.

• Leverage tools such as SIEM, SOAR, and EDR platforms for investigation.

Vulnerability Management Responsibilities

• Perform vulnerability scans on servers, network devices, applications, and databases.

• Analyze scan results and identify critical exposures.

• Recommend remediation actions based on industry standards.

• Work with stakeholders to implement security patches and configuration changes.

VA/PT Support Responsibilities

• Assist in planning and execution of vulnerability assessments and penetration testing.

• Analyze PT findings and map them to business risk.

• Track remediation plans and validate mitigation outcomes.

• Support audit and compliance requirements related to VA/PT activities.

Skill Requirements

Required Skills

• Hands-on experience with SIEM tools (e.g., Splunk, Sentinel).

• Knowledge of vulnerability management tools (e.g., Qualys, Nessus).

• Understanding of attack frameworks such as MITRE ATT&CK.

• Good knowledge of networking, operating systems, and security controls.

• Experience with incident response and security monitoring.

Other Requirements

Preferred Qualifications

• Bachelor’s degree in Cybersecurity / IT or related field.

• Certifications such as CEH, Security+, CySA+, or equivalent.

• Experience in SOC operations and threat hunting.