- Identify the required SIEM sensors appropriate to the organization and receive input from them
- Monitoring and monitoring events created by SIEM equipment daily (SOC system management)
- Design and execute security process and instructions in the face of events
- Check signatures from various security tools and equipment to identify threats and false positives
- Provide efficient reports and dashboards for security incident analysis
- Daily and regular reporting to the relevant manager
- Hunting for security threats
- Familiarize with security equipment, provide solutions and configure them
- Perform vulnerability and penetration tests
Requirements
- Familiarity with the deployment of IDPS, WAF and Firewall technologies
- Familiarity with exploiting vulnerability scan tools and intrusion testing
- Learn about SIEM tools, architecture and how they work
- Familiarity with the concepts of Security +, CEH, SANS504 and permeability
- Understand the concepts of security vulnerabilities
- Learn about malware and coping techniques
- Mastering in the hardening of all types of Windows and Linux services
