Requirements

Operating system

Windows

Linux

Employer requirements

• Minimum 2 years of experience in a SOC environment with proven track record
• Excellent investigative skills, curiosity, and ability to think like an attacker
• Strong problem-solving and decision-making abilities
• Knowledge and hands-on experience with:
• SIEM tools
• IDS/IPS, HIPS, advanced anti-malware solutions, firewalls, proxies, MSS
• Network protocols (TCP, UDP, DNS, DHCP, IPSEC, HTTP, etc.)
• Network monitoring devices (firewalls, IDS/IPS, web proxies, email filters)
• Operating systems: Windows, Linux, UNIX
• Cloud platforms: AWS, Azure, Google Cloud
• Experience with common log management suites
• Functional knowledge of scripting/programming to build custom tooling or automation
• Formal education (degree in Information Security, Cybersecurity, Computer Science or related field) OR equivalent work experience
• Fluency in English (spoken and written)

Optional

• Experience with incident response and forensic investigation tools (EnCase, FTK, Sleuthkit, Kali Linux, IDA Pro)
• Industry-recognized certifications (CEH, GSEC, GCIH, GCIA, CISSP, EnCE, etc.)

Your responsibilities

• Monitor global IT and information infrastructure for new attacks and log events into appropriate systems
• Triage potentially malicious events and assess their severity and impact
• Respond to alerts from monitoring and detection systems within defined SLAs
• Support cybersecurity incidents from detection through eradication, ensuring lessons learned are implemented
• Analyze network traffic using a variety of security tools
• Continuously improve detection and monitoring capabilities by fine-tuning alerting rules and contributing to playbook enhancements