KEY RESPONSIBILITIES:
- Responsible for configuring and administering SOC tools such as SIEM, SOAR, EDR and TIP to support SOC requirements.
- Provide first-level technical support for SOC technologies.
- Maintain the health of the SIEM platform and ensure 99.96% uptime.
- Create necessary dashboards in SIEM and other SOC tools to enable the SOC monitoring and reporting.
- Perform regular patching and version upgrades on SOC technologies.
- Integrate new log sources into the SIEM and build parsers for their logs.
- Manage faults in SOC technologies, troubleshoot to identify root cause, and coordinate with vendors for resolution.
- Ensure backups are configured and working properly for SOC technologies.
- Perform backup restore tests on a periodic basis.
- Support the SOC by fine-tuning SOC technologies and guiding SOC analysts on best practices for searches and similar tasks.
- Maintain proper documentation for SOC technologies and ensure the change management process is followed.
- Coordination and collaboration: work with the SOC Analysts, IT sections and the SOC Manager on developing and managing the required use cases, orchestrations, automation workflows and playbooks.
- Review and fine-tune use cases implemented on the EDR.
- Implement scanning profiles on the vulnerability scanning tool and integrate it with the SOAR.
QUALIFICATION AND REQUIREMENTS:
- Demonstrated track record of successful SIEM and SOAR deployment and management in a client/MSSP environment.
- Solid grounding in all fields of IT security.
- Solid technical problem-solving skills with demonstrated passion for engineering excellence, quality, security, and performance.
- Strong cross-group collaboration and interpersonal communication skills working with a variety of roles including development, product management, support and sales engineering.
- Demonstrated ability to solve complex use case and playbook problems.
- Broad general knowledge of the high-technology industry gained in larger enterprise IT security environments and SOC operations.
EDUCATION:
- BSc in Computer Science, Electrical Engineering or Mathematics, with at least 4 years of experience in the information security domain.
CERTIFICATIONS:
- SIEM Certification
- SOAR Certification
- Cloud Security Certifications
- GIAC GCIH
- Certified Entry-Level Python Programmer
- Certified Associate in Python Programming
Vertical:
Technology