Job Description

The overview:

We are seeking a skilled and experienced SOC Analyst Tier 2 to join our dynamic cybersecurity team. As a Tier 2 Analyst, you will play a pivotal role in our Security Operations Center (SOC), contributing to detecting, analyzing, and responding to security incidents. If you have a passion for cybersecurity and are ready to take on challenging responsibilities, we encourage you to apply.

Responsibilities:

  • Perform investigations, threat hunting, and use cases as needed.
  • Act as an escalation point for Tier 1.
  • Communicate with customers regarding security-related incidents.
  • Assist in threat signature implementation and tuning.
  • Define and mature ‘playbooks’ for response to cyber threats.
  • Provide teaching/mentoring to junior analyst team members.
  • Participate in and lead SOC training efforts.
  • Take on additional responsibilities and tasks assigned by SOC management.
  • Cooperation type: fully on-site position: day shift, evening shift, and night shift with "on-call" availability (some nights, weekends, and holidays).

Requirements

  • 4 years of experience on one of the following teams: Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC), or a Security Operations Center (SOC).
  • Bachelor's degree in Computer Science, Information Technology, or a related technical field.
  • Experience with Security Information and Event Management (SIEM) Systems, Anti-Virus, Intrusion Detection Systems, Firewalls, Active Directory, and Large Enterprise or Cloud Environments.
  • Experience with incident response, analysis of network traffic, log analysis, ability to prioritize and differentiate between potential intrusion attempts and false alarms, and managing and tracking investigations to resolution.
  • Familiarity with one of the following: NIST Incident Response Lifecycle, Cyber Kill Chain, or Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK).
  • XDR/EDR experience:
  1. Deep packet and log analysis.
  2. Some forensic and malware analysis experience.
  3. Cyber threat and intelligence gathering and analysis.
  • Willingness to learn, adapt, and innovate; strong critical thinking and analytical skills.
  • Excellent written and oral communication skills.
  • Great interpersonal and teamwork skills.
  • Proficient in Incident Management and Response.
  • Experience in security device management and SIEM.
  • Knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc.
  • Experience in threat management.
  • Knowledge of various operating system flavors including but not limited to Windows, Linux, and Unix.
  • Knowledge of applications, databases, and middleware to address security threats against the same.
  • Proficient in the preparation of reports, dashboards, and documentation.
