SOC Analyst
Key Responsibilities
- Monitor and analyze security alerts across enterprise infrastructure.
- Perform incident triage, investigation, containment, eradication, and recovery.
- Conduct deep log analysis across network, endpoint, identity, email, and cloud sources.
- Investigate phishing, malware infections, account compromise, lateral movement, and data exfiltration attempts.
- Perform proactive threat hunting and identify anomalous activity.
- Analyze network traffic and security events to detect suspicious behavior.
- Respond to identity-based threats including credential abuse and unauthorized access attempts.
- Support cloud security monitoring and identify configuration risks.
- Collaborate with infrastructure, cloud, and IT teams for remediation.
- Develop and enhance detection use cases and response playbooks.
- Prepare detailed incident reports including root cause analysis and mitigation recommendations.
Required Experience
- Provide continuous (24x7) security monitoring and incident response support in a shift-based environment.
- Minimum 2+ years of experience in a Security Operations Center (SOC) or Incident Response role.
- Proven experience handling end-to-end security incidents.
- Strong experience analyzing logs from firewalls, endpoints, email systems, cloud platforms, and identity providers.
- Experience investigating phishing, malware, insider threats, and web-based attacks.
- Experience working in enterprise environments with cloud-based infrastructure and SaaS applications.
- Hands-on experience with endpoint detection and response concepts.
- Understanding of identity and access management, MFA, and conditional access controls.
- Strong knowledge of networking fundamentals (TCP/IP, DNS, HTTP/S).
- Experience reviewing and correlating raw log data for threat detection.
- Familiarity with vulnerability management processes.
Technical Skills
- Security event monitoring and correlation
- Incident response lifecycle management
- Threat hunting methodologies
- Endpoint security investigation