SOC Operator

Optimum
Norwalk, CT

About The Position

As a Security Operations Center (SOC) Operator, you will be at the forefront of our organization's cyber defense efforts, responsible for monitoring, detecting, and responding to security incidents in real-time. You will play a crucial role in safeguarding our digital assets, identifying emerging threats, and ensuring the integrity and availability of our systems and data.

Requirements

  • Bachelor’s degree in Computer Science or related field; MA or MBA preferred.
  • Relevant industry certifications such as Security+, GCIH, or GCIA are desirable.
  • Minimum 1-3 years' experience in Information Technology preferred.
  • Minimum 1-3 years of direct IT Security experience in Security Operations preferred.

Responsibilities

  • Security Monitoring and Alert Triage:
      • Monitor security alerts and events generated by various security tools, including SIEM, IDS/IPS, antivirus, and endpoint detection and response (EDR) systems.
      • Analyze and triage security alerts to identify potential security incidents, prioritizing them based on severity, relevance, and potential impact.
  • Incident Response and Remediation:
      • Collaborate with incident responders to coordinate and execute incident response procedures, including containment, eradication, and recovery efforts.
      • Take immediate action to mitigate security incidents, such as isolating compromised systems, blocking malicious traffic, and applying security patches or updates.
      • Document incident response activities, including timelines, actions taken, and lessons learned, to support post-incident analysis and reporting.
  • Threat Intelligence and Detection Enhancement:
      • Stay abreast of the latest cyber threats, vulnerabilities, and attack techniques through threat intelligence sources and industry reports.
      • Enhance detection capabilities by developing and refining correlation rules, signatures, and detection logic within the SIEM platform.
      • Contribute to the continuous improvement of SOC processes, procedures, and tools to enhance the organization's cyber defense posture.
  • Vulnerability Management Support:
      • Assist in the identification, prioritization, and remediation of security vulnerabilities across the organization's infrastructure and applications.
      • Work closely with IT teams to ensure timely patching and mitigation of identified vulnerabilities, reducing the organization's exposure to potential exploits.