SOC Operator

Job Summary As a Security Operations Center (SOC) Operator, you will be at the forefront of our organization's cyber defense efforts, responsible for monitoring, detecting, and responding to security incidents in real-time. You will play a crucial role in safeguarding our digital assets, identifying emerging threats, and ensuring the integrity and availability of our systems and data.

Responsibilities Security Monitoring and Alert Triage:

Monitor security alerts and events generated by various security tools, including SIEM, IDS/IPS, antivirus, and endpoint detection and response (EDR) systems. Analyze and triage security alerts to identify potential security incidents, prioritizing them based on severity, relevance, and potential impact.

Incident Response and Remediation:

Collaborate with incident responders to coordinate and execute incident response procedures, including containment, eradication, and recovery efforts. Take immediate action to mitigate security incidents, such as isolating compromised systems, blocking malicious traffic, and applying security patches or updates. Document incident response activities, including timelines, actions taken, and lessons learned, to support post-incident analysis and reporting.

Threat Intelligence and Detection Enhancement:

Stay abreast of the latest cyber threats, vulnerabilities, and attack techniques through threat intelligence sources and industry reports. Enhance detection capabilities by developing and refining correlation rules, signatures, and detection logic within the SIEM platform. Contribute to the continuous improvement of SOC processes, procedures, and tools to enhance the organization's cyber defense posture.

Vulnerability Management Support:

Assist in the identification, prioritization, and remediation of security vulnerabilities across the organization's infrastructure and applications. Work closely with IT teams to ensure timely patching and mitigation of identified vulnerabilities, reducing the organization's exposure to potential exploits. Qualifications Bachelor's degree in Computer Science or related field or equivalent work expererience. Relevant industry certifications such as Security+, GCIH, or GCIA are desirable. Minimum 1-3 years' experience in Information Technology preferred. Minimum 1-3 years of direct IT Security experience in Security Operations preferred.