وظيفة Security Operations Center ( SOC tier 2 ) - International Bank

Duties & Responsibilities

• Working closely with IT admins to minimize false positives from the security tools.
• Full root cause analysis and level 1 incident investigation.
• Provide Incident Response actions and remediation recommendations
• Full Incident Management and Incident Resolution
• Threat Intelligence and ongoing information Gathering
• Security Events Trend Analysis
• Leverages emerging threat intelligence (IOCs, updated rules, etc.) to identify affected systems and the scope of the attack.
• Create knowledge base article with incident details along with the resolution, which serves as a reference to SOC team in case of repetition of the same/similar incident in future.
• Track, analyse and understand the characteristics of latest threats, malware and vulnerability information and perform an assessment of the applicability of the same to the environment.
• Translate the logic to implementation by configuring resources such as Rules, Reports, Dashboards and Filters …etc. in SOC monitoring tools to detect the threats or anomalies.
• Create and maintain the alerts/dashboards/ reports inventory document.
• Analyse and investigate the alerts in SOC monitoring tools to report any abnormal behaviours, suspicious activities, traffic anomalies etc.
• Develop and configure use cases in SOC monitoring tools to detect and alert the non-compliance status and support the threat detection guidelines as per IT security team.
• Ensure that security significant logs are available in SOC monitoring tools for analysis and investigation