Tier 2 SOC Analyst

Tehran

Posted 3 months ago

Job Description

  • Support or contribute to the different levels of the incident response process in case of confirmed incidents.
  • Support and contribute to the execution of incident simulation exercises for validation and improvement of the overall incident response capabilities.
  • Help us create meaningful alerts from events.
  • Operate and optimize security processes and tools.
  • Develop incident response playbooks.
  • Handle security incidents/alerts, investigating the root cause in collaboration with other Security teams, establishing corrective controls, and minimizing the impact.
  • Investigate breaches, gather evidence, and analyze data.
  • Correlate actionable security events from various log sources and Threat Intelligence (TI).
  • Maintain and enhance our security monitoring toolkit (SIEM, sensors, etc.).
  • Create, improve, and implement security detection techniques within our SIEM.
  • Help us identify malicious activities within our network, which our current toolset might not cover.
  • Work as part of a team to deploy and maintain secure and reliable network architecture as well as server/system security best practices.
  • Build security tooling and automation for internal use that enables the security department to operate at high speed and wide scale.
  • Participate in team problem-solving efforts and offer ideas to solve the issues.
  • Advise and support the company in all security-related matters.

Requirements

  • Familiar with the different attacks against the different layers of the standard TCP/IP model.
  • Fluent in log structures.
  • Mastery of TCP/IP concepts (minimum: CCNA level).
  • Proficient in SIEM and log analysis tools such as ArcSight and Splunk.
  • Proficient in writing regular expressions.
  • Ability to use scripting to automate Security Operations Center processes.
  • Ability to analyze security incidents.
  • Proficient in incident handling and incident response.
  • Ability to perform multiple tasks at once (multitasking).
  • Self-study capability and professional ethics.
  • Ability to perform under stressful situations.
  • Ability to provide creative solutions.
  • Proficient in designing documentation templates and technical reports.
  • Sufficient experience in teamwork.
  • At least 3 years of experience in cyber security or network security.
