SOC Analyst
Требования
Местоположение и тип занятости
Компания
Описание вакансии
Условия работы
The SOC analyst is part of KL SOC team engaged in continues security monitoring, incident response and cyber threat hunting.
Principle Responsibilities
Analyze security events from endpoints (Windows, Mac, Linux), Network IDS, Web-proxies, Mail-gateways, Active Directory infrastructure
Detect and investigate information security incidents
Propose Incident response actions and remediation plan.
Identification of potential vectors of attacks, develop detection methods of these attacks by existing technological solutions
Adjust detection logic to fit Customer needs (filter out false positives, customize correlation rules, etc)
Communicate with Customers regarding detected incidents and suspicious activities.
Mandatory skills
Practical experience in the identification and investigation of information security incidents, development of recommendations to prevent similar incidents in the future
Understanding of the methods, tools and processes to respond to information security incidents
Experience in network traffic and log-files analysis from various sources
Knowledge of current threats, vulnerabilities, typical of attacks on information systems and tools to implement them, as well as methods for their detection and response
Knowledge of network protocols, the architectures of modern operating systems and information security technologies
Other requirements
Experience in work with ELK stack is welcome
Certifications (Offensive Security, GIAC) are welcome