Security Operations Center Analyst
- Post Date: August 21, 2022
- Views 407
- Career Level: Manager
- Qualification: Degree
- Experience: 3-5 Years
- Industry ICT
Job Description
ProComm is looking for a SOC Manager to join our team to manage and support our 24x7x365 Security Operations Centre. As SOC Manager, your initial focus will be the design and implementation of the new Security Operations Centre, including the production of its policies and procedures and strategic roadmap, defining what should be monitored and how incidents will be responded to, and ensuring the continuous improvement of the service. Following the successful implementation of the service, you will be responsible for growing and managing a 24/7 analyst team.
ProComm is a fast-paced, entrepreneurial environment, so to be successful you will need to be a proactive individual who takes direction well, communicates succinctly, and collaborates effectively.
Roles and Responsibilities
- Lead and manage a 24x7x365 Security Operation Centre (SOC) environment providing technical oversight.
- Lead staff to proactively identify, prevent and respond to security incidents.
- Primarily responsible for security event monitoring, management and response.
- Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring.
- Ensure compliance with SLAs, process adherence and process improvement to achieve operational objectives.
- Revise and develop processes to strengthen the current Security Operations Framework, review policies and highlight the challenges in managing SLAs.
- Responsible for team and vendor management, the overall use of Security Operations Centre resources, and initiating corrective action where required.
- Perform threat management, threat modelling, identify threat vectors and develop use cases for security monitoring.
- Responsible for integration of standard and non-standard logs in SIEM.
- Create reports, dashboards and metrics for SOC operations and present them to senior management.
- Coordinate with stakeholders and build and maintain positive working relationships with them.
- Stay up-to-date on information technology trends and security standards.
- Recommend modification to security tools and processes to detect, prevent, and mitigate threats.
- Coordinate with ProComm and customer teams to identify root causes, restore services, and communicate status to affected stakeholders.
- Maintain situational awareness and keep current with cybersecurity news and threat actor Tactics, Techniques, and Procedures (TTPs).
- Document ongoing investigations and analysis using ticketing and incident reporting systems.
- Support the production of effective situational awareness solutions, deliverables, and reports with relevant metrics and visualizations for key constituents and leadership.
- Leverage lessons learned, threat modelling and emerging industry best practice to analyse the effectiveness of the existing programme (policies, technology and awareness) and continuously improve the incident management programme.
Desired Skill Set
- Proficient in Incident Management and Response
- Experience in security device management and SIEM, SOAR, NDR, UEBA, EDR and XDR technologies
- In-depth knowledge of security concepts such as cyber-attack techniques, threat vectors, threat hunting, risk management and incident management
- Knowledge of various operating system flavours including but not limited to Windows, Linux, Unix
- Knowledge of applications, databases and middleware sufficient to address security threats against them
- ITIL Foundation knowledge in SOC processes and incident management tools
- Understanding of network protocols and packet analysis tools.
- Knowledge of and experience using the NIST SP 800-61 incident response framework.
- Understanding of APTs and TTPs.
- Understanding of various threat intelligence frameworks (e.g. the Cyber Kill Chain, MITRE ATT&CK, the Diamond Model).
- Understanding of NIST, ISO 27001, GDPR, CIS Benchmarks, SDLC and COBIT frameworks, standards and regulations.
Soft Skills
- Proficient at documenting processes and procedures.
- Excellent problem solving, critical thinking, and analytical skills with the ability to deconstruct issues.
- Attention to detail.
- Excellent communication skills to effectively summarize and present findings.
- Ability to work independently or as a member of a team.
- Ability to communicate with all levels of the organisation and all technical backgrounds.
- Reliable team player.
Qualifications
- A Bachelor's degree in computer science or a cybersecurity-related field.
- Relevant cybersecurity certifications (GCIH, GCED, CISSP, CISA, CISM, etc.) will be an added advantage.
To apply, please send your CV to: [email protected]