- to manage incidents at all phases (triage, investigation and mitigation and remediation).
- to be a professional point of contact for the L1 team
- to receive escalation and manage incidents
- to escalate timely when the SLA for alerting is not met
- to identify the incidents if there are any missed by SOC operators
- to interact with external parties to resolve the queries relating to the raised incidents
- to generate the daily reports, weekly reports, and monthly reports on time
- to maintain the timely delivery of reports
- to maintain the updated and latest log baselines
- to act as Threat Hunter
- Minimum 3 years of working experience on an Incident Response\Forensic or any advanced SOC activities.
- Good understanding of security best practices and concepts, architectures and platforms.
- Knowledge of Windows and/or Unix-based systems/architectures and related security
- Knowledge in Public Cloud security.
- Enthusiastic to learn the Operational Technology (AIoT, IIoT), Edge, and Cloud technologies
- Scripting abilities.
- Problem-solving skills.
- Initiative and proactive attitude.
- Team player attitude.
- Willing to work on an on-call basis for an urgent matter
- Capable of meeting and exceeding Service Level Agreements (SLAs) as required per contract Flexibility agility to support a 24-hour a day/365 days/year operation.
Nice to have:
- Cybersecurity certification
- Bsc in relevant field
- Experience in defining Threat Hunting analytics (network and endpoints).
- experience in PT and attack simulation
- Understanding and familiarly with CIERT, NIST, CIS, ISO27001, Mitre frameworks
Company Reg. No.: 201131609D | Licence No.: 11C4684 | EA Reg No.: R 1440978