SOC Tier 3
Job Purpose:
- Reports directly to the SOC Manager.
- Monitors all Security Operations Center activities.
- Handles complex cybersecurity incidents: leads the investigation and remediation effort, following documented procedures and industry best practices.
- Hunts for suspicious or anomalous activity based on alerts and data output from the various toolsets.
- Serves as the first point of escalation and support for Level 2 SOC Analysts.
- Reviews existing operational processes and procedures and builds new ones.
- Assists in providing relevant evidence to internal and external auditors.
Technical skills / Competencies
- Must have 3+ years of prior experience in a similar position.
- Experience with a range of operating systems: Windows Server and Windows clients (including their security configuration), AIX, UNIX and Linux.
- Must have extensive experience across multiple security areas, such as SIEM, intrusion detection/prevention, APT analysis, EDR, WAF, web proxy, mail gateway, PGP, vulnerability assessment (VA), DLP, network security tools, SCOM, SCCM, Active Directory and virtualization, together with deep knowledge of networking, attack methods such as SQL injection and pivoting, and scripting languages.
- Relevant technology vendor certifications (Cisco, Symantec, Palo Alto, FortiGate, IBM, etc.).