Security Operations Center Analyst

Coordinates - Lebanon - Lebanon

Job Summary:

We are seeking a highly motivated and detail-oriented Security Operations Center (SOC) Analyst to join our cybersecurity team. The SOC Analyst will play a crucial role in monitoring, detecting, and responding to security threats and incidents to safeguard the organization's information systems. The ideal candidate will have a deep understanding of cybersecurity principles, threat detection, and incident response protocols, as well as excellent problem-solving and communication skills.


Responsibilities:

  • Continuously monitor network traffic, system logs, and security alerts for unusual activity using SIEM (Security Information and Event Management) tools.
  • Identify, analyze, and respond to security events, incidents, and potential threats in real-time.
  • Conduct initial triage and assessment of security incidents, escalating as needed.
  • Investigate and resolve security breaches or attacks by following established response protocols.
  • Document and report on incident findings, actions taken, and remediation steps.
  • Stay informed about the latest threat intelligence, attack methods, and emerging vulnerabilities.
  • Use threat intelligence to proactively identify and mitigate potential risks.
  • Operate and maintain SOC tools, including SIEM, EDR (Endpoint Detection and Response), IDS (Intrusion Detection Systems), and firewalls.
  • Assist with the integration and optimization of SOC tools and technologies.
  • Provide recommendations for enhancing security policies, procedures, and controls.
  • Contribute to the development and refinement of incident response playbooks and security policies.
  • Proactively search for threats that have evaded existing security measures.
  • Analyze email headers to identify potential phishing, spoofing, or other email-based threats.
  • Perform static analysis of files, binaries, and scripts to detect malicious code or behavior.
  • Conduct dynamic analysis by executing files in a controlled environment to observe their behavior and identify potential threats.
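
The email-header analysis listed above (phishing and spoofing triage) is routine SOC work; the following is an added example written for this page, not code from the posting or the employer. It reads raw headers with the Python standard library, extracts the SPF/DKIM/DMARC verdicts from Authentication-Results, compares the envelope sender (Return-Path) and Reply-To against the visible From domain, and pulls the originating hop from the earliest Received header. Both messages are constructed samples using reserved example domains and documentation IP ranges; the verdicts in them are assumed, not observed.

```python
"""Added example: first-pass triage of raw e-mail headers for spoofing
indicators (SPF/DKIM/DMARC verdicts, envelope vs. header sender mismatch,
Reply-To redirection, originating hop). Standard library only."""
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Constructed sample (not a real message): the visible From claims
# bank.example, but the envelope sender and SPF-authenticated domain
# belong to mail-tracker.example, and DKIM/DMARC fail.
SUSPICIOUS = """\
Return-Path: <bounce@mail-tracker.example>
Received: from mx.example-corp.test (mx.example-corp.test [203.0.113.10])
  by inbound.example-corp.test with ESMTP id abc123; Tue, 4 Jun 2024 09:12:01 +0000
Received: from smtp.mail-tracker.example (smtp.mail-tracker.example [198.51.100.7])
  by mx.example-corp.test with ESMTP; Tue, 4 Jun 2024 09:12:00 +0000
Authentication-Results: mx.example-corp.test;
  spf=pass smtp.mailfrom=mail-tracker.example;
  dkim=fail header.d=bank.example;
  dmarc=fail header.from=bank.example
From: "Bank Security" <alerts@bank.example>
Reply-To: helpdesk@mail-tracker.example
To: user@example-corp.test
Subject: Urgent: verify your account

Body omitted.
"""

# Constructed sample of a message whose identities all align.
LEGITIMATE = """\
Return-Path: <alerts@bank.example>
Received: from mail.bank.example (mail.bank.example [192.0.2.25])
  by mx.example-corp.test with ESMTP; Tue, 4 Jun 2024 10:00:00 +0000
Authentication-Results: mx.example-corp.test;
  spf=pass smtp.mailfrom=bank.example;
  dkim=pass header.d=bank.example;
  dmarc=pass header.from=bank.example
From: "Bank Security" <alerts@bank.example>
To: user@example-corp.test
Subject: Monthly statement available

Body omitted.
"""


def _domain(header_value):
    """Lower-cased domain of the first address in a header, or '' if absent."""
    addr = parseaddr(str(header_value or ""))[1]
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def parse_auth_results(value):
    """Extract spf/dkim/dmarc verdicts from an Authentication-Results header.
    A missing header or mechanism is reported as 'none', which a triage rule
    should treat as a failure, not as a pass."""
    flat = re.sub(r"\s+", " ", str(value or ""))
    verdicts = {m.group(1).lower(): m.group(2).lower()
                for m in re.finditer(r"\b(spf|dkim|dmarc)=(\w+)", flat, re.I)}
    return {k: verdicts.get(k, "none") for k in ("spf", "dkim", "dmarc")}


def origin_hop(received_headers):
    """Received headers are prepended by each relay, so the last one in the
    list is the earliest hop our infrastructure recorded. Return its host/IP."""
    if not received_headers:
        return None
    first = re.sub(r"\s+", " ", str(received_headers[-1]))
    host = re.search(r"from (\S+)", first)
    ip = re.search(r"\[([\d.]+)\]", first)
    return {"host": host.group(1) if host else None,
            "ip": ip.group(1) if ip else None}


def triage(raw):
    """Return the extracted identities plus a list of human-readable findings."""
    msg = message_from_string(raw, policy=policy.default)
    auth = parse_auth_results(msg.get("Authentication-Results"))
    from_d = _domain(msg.get("From"))
    env_d = _domain(msg.get("Return-Path"))
    reply_d = _domain(msg.get("Reply-To"))
    findings = []
    for mech in ("spf", "dkim", "dmarc"):
        if auth[mech] != "pass":
            findings.append(f"{mech} verdict is {auth[mech]}")
    if env_d and from_d and env_d != from_d:
        findings.append(f"envelope sender {env_d} != header From {from_d}")
    if reply_d and reply_d != from_d:
        findings.append(f"Reply-To domain {reply_d} != From domain {from_d}")
    return {"from_domain": from_d, "envelope_domain": env_d,
            "reply_to_domain": reply_d, "auth": auth,
            "origin": origin_hop(msg.get_all("Received") or []),
            "findings": findings}


if __name__ == "__main__":
    for label, raw in (("suspicious", SUSPICIOUS), ("legitimate", LEGITIMATE)):
        result = triage(raw)
        print(label, "->", result["findings"] or ["no indicators"], result["origin"])
```

Note that SPF passing is not reassuring on its own here: it authenticates the envelope domain (mail-tracker.example), not the domain the user sees in From, which is exactly the gap DMARC alignment exists to close. A real triage also has to verify that the Authentication-Results header was written by your own receiving gateway (the authserv-id after the colon), since an attacker can include a forged one in the message they send.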


Required Skills and Qualifications:

  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field (or equivalent work experience).
  • Hands-on experience with SIEM platforms, such as Splunk, QRadar, or Microsoft Sentinel.
  • Proficiency with EDR tools, including CrowdStrike, Microsoft ATP, or SentinelOne.
  • Familiarity with cloud security tools and platforms (AWS, Azure, GCP).
  • Strong understanding of TCP/IP, network protocols, and security architectures.
  • Solid knowledge of static and dynamic analysis techniques.
  • Expertise in email header analysis and related techniques for identifying email-based threats.
  • Excellent analytical, troubleshooting, and problem-solving skills.
  • Strong written and verbal communication skills in English (fluent and professional).
  • Ability to work effectively under pressure during security incidents.
  • Strong collaboration and teamwork skills.


Post date: Today
Publisher: LinkedIn