Description

SOC ANALYST JOB DESCRIPTION

About the Role:

SECUREISM Pakistan, a global cyber-security practitioner company advocating security, having its head-office in Dublin-Ireland and its offices in Pakistan, Middle East, Australia and New-Zealand is seeking a SOC Analyst for its Cyber Security practice, being a SOC Analyst you will play a crucial role in our organization's cybersecurity operations by monitoring and analyzing security events and incidents, providing initial incident response, and escalating complex issues to senior team members.

Role Description:

1. Monitor and analyze security alerts and events generated by various security monitoring systems, such as SIEM (Security Information and Event Management) tools, intrusion detection systems, and log management systems.

2. Conduct initial investigation and analysis of security incidents, including identifying and assessing potential threats and vulnerabilities.

3. Provide initial incident response by following established procedures, documenting incidents, and taking appropriate actions to contain and mitigate potential security threats.

4. Escalate complex security incidents or events to senior team members or Level 2 analysts for further investigation and resolution.

5. Collaborate with cross-functional teams, including IT operations, network engineering, and application development, to gather relevant information and perform incident triage.

6. Assist in the development and maintenance of standard operating procedures (SOPs) and guidelines for incident response and handling.

7. Participate in continuous monitoring of systems and networks to identify potential security weaknesses or suspicious activities.

8. Stay up-to-date with the latest cybersecurity threats, vulnerabilities, and industry best practices to enhance the organization's security posture.

9. Contribute to the improvement of security monitoring tools and processes by providing feedback and suggesting enhancements.

10. Maintain accurate and detailed incident records, including incident summaries, investigation findings, actions taken, and remediation steps.

Must have:

1. Bachelors in IT, SE, CS or Equivalent.

2. Knowledge of SIEM (Security Information and Event Management)

3. Familiar with Database and programming languages

4. Experience in Penetration and vulnerability testing

5. Firewall and intrusion detection/prevention protocols

6. Windows, UNIX, and Linux operating systems

7. Network protocols

8. Knowledge of Anti-virus, EDR, XDR

9. Willingness to work in a 24/7 shift-based environment, including weekends and holidays.

Nice to have:

1. BS/MS in Cybersecurity

2. Relevant certifications (e.g., CompTIA Security+, CEH)

3. Strong knowledge of cybersecurity principles, concepts, and best practices.

4. Excellent written and verbal communication skills with the ability to articulate complex technical information to both technical and non-technical stakeholders.

5. Prior experience in a SOC or incident response.