
Job Description
Job Description & Responsibilities
Monitor and analyze security logs to identify threats and suspicious activities.
Investigate and analyze security incidents, perform initial assessments, and escalate critical threats when necessary.
Work with SIEM tools (such as Splunk, ArcSight, ELK) to create and enhance use cases, dashboards, and alerts.
Review incidents and alerts generated by security monitoring systems.
Collaborate with other teams to improve threat detection capabilities and enhance incident response processes.
Stay up-to-date with the latest cyber threats, attack techniques, and defensive strategies.
Qualifications:
Strong knowledge of Network+ and Security+ concepts.
Familiarity with CEH, SANS 504, SANS 555, SANS 503, and SANS 511 topics.
Hands-on experience with SIEM tools (such as Splunk, ArcSight, ELK) for log analysis and alert management.
Solid understanding of network security concepts, including Firewall, UTM, WAF, and IPS/IDS.
Familiarity with log structures of Microsoft products, Linux systems, web servers, and infrastructure services.
Basic understanding of network protocols and infrastructure services across different layers.
Familiarity with Linux operating systems, web servers, and security devices.
Proficiency in at least one programming language is considered an advantage.
Availability for on-call shifts and the ability to respond quickly to security incidents.
Shift schedule: 3 daytime 12-hour shifts (7 AM to 7 PM) / 3 days off / 3 nighttime 12-hour shifts (7 PM to 7 AM).
