Security Operations Center Analyst

Coordinates - لبنان - Lebanon

Job Summary:

We are seeking a highly motivated and detail-oriented Security Operations Center (SOC) Analyst to join our cybersecurity team. The SOC Analyst will play a crucial role in monitoring, detecting, and responding to security threats and incidents to safeguard the organization's information systems. The ideal candidate will have a deep understanding of cybersecurity principles, threat detection, and incident response protocols, as well as excellent problem-solving and communication skills.

 

Responsibilities:

  • Continuously monitor network traffic, system logs, and security alerts for unusual activity using SIEM (Security Information and Event Management) tools.
  • Identify, analyze, and respond to security events, incidents, and potential threats in real-time.
  • Conduct initial triage and assessment of security incidents, escalating as needed.
  • Investigate and resolve security breaches or attacks by following established response protocols.
  • Document and report on incident findings, actions taken, and remediation steps.
  • Stay informed about the latest threat intelligence, attack methods, and emerging vulnerabilities.
  • Use threat intelligence to proactively identify and mitigate potential risks.
  • Operate and maintain SOC tools, including SIEM, EDR (Endpoint Detection and Response), IDS (Intrusion Detection Systems), and firewalls.
  • Assist with the integration and optimization of SOC tools and technologies.
  • Provide recommendations for enhancing security policies, procedures, and controls.
  • Contribute to the development and refinement of incident response playbooks and security policies.
  • Proactively search for threats that have evaded existing security measures.
  • Analyze email headers to identify potential phishing, spoofing, or other email-based threats.
  • Perform static analysis of files, binaries, and scripts to detect malicious code or behavior.
  • Conduct dynamic analysis by executing files in a controlled environment to observe their behavior and identify potential threats.


Required Skills and Qualifications:

  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field (or equivalent work experience).
  • Hands-on experience with SIEM platforms, such as SplunkQRadar, or Microsoft Sentinel.
  • Proficiency with EDR tools, including CrowdStrikeMicrosoft ATP, or SentinelOne.
  • Familiarity with cloud security tools and platforms (AWS, Azure, GCP).
  • Strong understanding of TCP/IP, network protocols, and security architectures.
  • Solid knowledge of static and dynamic analysis techniques.
  • Expertise in email header analysis and related techniques for identifying email-based threats.
  • Excellent analytical, troubleshooting, and problem-solving skills.
  • Strong written and verbal communication skills in English (fluent and professional).
  • Ability to work effectively under pressure during security incidents.
  • Strong collaboration and teamwork skills.


تاريخ النشر: اليوم
الناشر: LinkedIn
تاريخ النشر: اليوم
الناشر: LinkedIn