Senior Associate - L2 SOC Specialist

Line of Service

Industry/Sector

Specialism

Management Level

Job Description & Summary

Key Responsibilities:

Examine and Validate Attacks

• Perform deep-correlation - structured and unstructured DB query

• Perform deep-investigation before escalating to the SOC Manager and client

• Recommend countermeasures & controls based on established procedures

• Coordinate with the client to ensure the countermeasures are implemented

Examine Reports daily and weekly for abnormal activity

• Look for variations in the data

• Look for suspicious activity or operational errors

Inspect the Dashboards for data of interest

• Look for variations in the rates and trends of data

• Look for Event Classifications and Common Events that indicate risky activity or operational errors

• Look for abnormally long running sessions

• Look for high bandwidth utilisation and unapproved application usage

• Generate monthly Summary Shift Report/Hand over to SOC Manager

• Assist on high priority alarms/cases and perform in-depth investigations of security incidents

• Suggest rules fine tuning/correlation rules in Wazuh

Experience and Qualifications:

• Bachelor's Degree / Diploma in Information Technology, Information Security, Computer Science or a similar field.

• Minimum 2-3 years of experience working in 24x7 Security Operations Centre (SOC) environment

• Capable in conducting in-depth analysis and investigations on security incidents escalated by L1 SOC

• Able to run advanced queries and perform detailed forensic analysis on affected systems

• Detail-oriented with strong problem-solving and analytical skills

Education (if blank, degree and/or field of study not specified)

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Available for Work Visa Sponsorship?

Government Clearance Required?

Job Posting End Date