SOC Analyst L3

 

Recruiter: HR Genie

Job Ref: PDG8966233

Date posted: Thursday, March 11, 2021

Location: Rosebank, South Africa

Salary: R500k - 800k per year + Benefits


SUMMARY:
SOC Analyst L3

POSITION INFO:

Our client, a global tech firm, is seeking a SOC Analyst L3 to join their team in Rosebank. Our client offers great benefits, stability, growth and an attractive salary.

Main Purpose:

To analyse security events and alerts and to gather and carry out remediation tasks on console for clients through its toolsets, operational monitoring, preventative actions and crisis management.

Description of responsibilities:

  • Conduct cyber intelligence operations including intelligence collection, tracking threat actors, identifying malicious behaviors and operations.
  • Works with customers, vendors and internal resources for problem resolution and security advisories.
  • Standardizes process and procedures and provides continual improvement.
  • Develops and maintains comprehensive documentation on incidents and analysis for clients and internal use.
  • Compiles security advisories for internal and external audiences in document format with technical recommendations.
  • Use case writing, development and refinement for detection of threats.
  • Proactively search for rogue behavior, malicious attacks & suspicious activity.
  • Training of junior analysts.
  • Analyze threat feeds to produce daily/weekly/monthly Threat Intelligence brief and regular threat trend reporting.
  • Analyse security events/alerts and recommend remedial actions.
  • Analyse vulnerability scan data and recommend remedial actions.
  • Analyse trends across time and clients for remedial actions.
  • Provide analysis in contracted reports.
  • Healthchecks on monitored devices.
  • Analyse Network flow data & investigate deviations from baseline.
  • Pro-actively hunt for threats, vulnerabilities & suspicious activity.
  • Investigate suspicious emails for phishing attacks.

Qualifications and experience required:

  • Grade 12 (essential). 
  • Certification in IBM QRadar essential.
  • Experience analyzing phishing attacks.
  • CISSP, CEH, GPEN, OSCP or similar security certifications.
  • Experience producing reports and briefs on the current threat landscape and associated risks.
  • Experience monitoring third party security related websites, forums and social media sites for information regarding vulnerabilities and exploits.
  • Experience conducting malware analysis – usage of VirusTotal etc.
  • Experience replicating reported vulnerabilities in a safe and contained environment to develop proof of concept and/or exploit tools.
  • Working knowledge of the following technologies: Windows and Active Directory, Unix and Linux, Routers & Switches, Anti-Malware Systems, Relational Databases, Open Source Intelligence, Firewall, IDS/IPS, Vulnerability Management & Proxy management, or a solid understanding of these technologies.
  • 5 – 8 years work related experience as a Level 1/2 Analyst.
  • SOC/SIEM systems certifications – IBM QRadar essential.
  • Formal training in Networking and networking protocols – CCNA advantageous.
  • Experience in malware investigation advantageous.
  • Experience in server/network/firewall/IPS administration.
  • Experience in a Security Operations Centre environment & a Network Monitoring environment.

Knowledge

  • How to analyse data
  • IBM – QRadar experience
  • Must have an understanding of use cases
  • Must have excellent problem-solving skills.
  • Detailed technical knowledge of technology protocols (TCP/IP, SMB, SSH etc)
  • Good knowledge of scripting languages.

Skills

  • Communication skills (verbal and written - report writing, email and presentation)
  • Problem solving skills
  • Customer orientation
  • Planning and organising skills
  • Analysing skills
  • Writing and Reporting
  • Learning and Researching
  • Creating & Innovating
  • Delivering Results & Meeting Customer Expectations

Personal Attributes

  • Presenting and Communicating Information
  • Deciding and Initiating Action
  • Coping with Pressures and Setbacks
  • Applying Expertise and Technology
  • Following Instructions and Procedures
  • Ability to work well independently & productively with minimal supervision.


 

NB! This job is now closed. You can apply for other jobs by uploading your CV.



 

 

 
