- Monitor, review, and investigate events generated by various security tools.
- Dashboard monitoring, reporting, and initial response to security issues.
- Create trouble tickets for reported security issues
- Ticket Dispatching and Reporting (Triage, Analysis)
Requirements
- Minimum 2 years of experience with the incident response process, including detecting advanced adversaries, log analysis using SIEM tools, and malware triage.
- Technical knowledge of information security standards and protocols.
- Hands on experience with some or all of the following is preferred:
• Windows, Linux and Cisco operating systems;
• NetFlow and full packet capture technology;
• Intrusion Detection Systems (IDS) and SIEM technologies;
• ArcSight ESM, Splunk, McAfee NSM, Kibana, ElasticSearch, Logstash; and
• Firewalls, antivirus and other similar network security tools.
- Strongly skilled in documentation.