Act as a point of escalation for Level-1 analysts in 12-hour shift rotation Perform due diligence and in-depth analysis on escalated security alert from Level-1 analyst and escalate to respective Business for further action in timely manner
Support Level-1 alert analysis by providing advanced analysis services to include recommending containment and remediation processes and independent analysis of security events
Work closely with SOC Manager to better security operations and address identified deficiencies
Coaching and mentoring Level-1 analyst to improve detection capability within the SOC and feedback on work quality
Receive and review tuning request from Level-1, provide recommendations in use case tuning and optimization of security systems
Interfaces with outside teams for incident escalations and resolution
Function as shift subject-matter experts (SMEs) on incident detection and analysis techniques
Challenge and suggest improvement on existing processes and procedures in a very agile and fast-moving information security
Prepare monthly, weekly & daily reports
Requirements:
Bachelor Degree Bachelor’s degree in Computer Science, Engineering, IT Security or a related field.
Preferred Certifications:
SANS Certification such as GSEC, CCED, GCIA, GCIH, GMON or other relevant certifications A Bachelor's or Associate's degree in IT, Computer Science, or related field
1+ years’ experience in one or more of the following: o Offensive security (penetration testing/vulnerability assessment) o System administration on Unix, Linux or Windows o Network operation or engineering o Malware reverse engineering o Advanced incident handling o Scripting and automation
Demonstrated ability to work in a team environment, train and coach other team members Experience with investigating using a wide variety of detective technologies such as SIEM, packet capture analysis, host forensics and memory analysis tools
Additional
Understanding and knowledge of threat landscape in terms of the tools, tactics, and techniques of attacks
Excellent analytical and problem-solving skills
Great communication skills, both written and verbal
Ability to effectively communicate technical and non-technical issues both verbally and in writing Hands-on experience in working with Security Operation Centre
Relevant technical and industry certifications are a plus, e.g., SANS certifications