SOC Analyst
Full Time
1 month ago
Employment Information
- Monitor security logs in real time within the Security Operations Centre (SOC) from multiple network and security devices.
- Ensure timely detection, notification, investigation, and containment of threats across customer environments.
- Map observed adversary behaviors and incidents to relevant MITRE ATT&CK tactics and techniques for accurate threat classification.
- Enrich incident investigations using the MITRE ATT&CK framework to identify attacker objectives and predict potential next steps.
- Collaborate with Threat Intelligence teams to correlate Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) for proactive threat hunting.
- Review and validate incidents to ensure adherence to standard operating procedures (SOPs).
- Provide training, mentoring, and feedback to SOC analysts to improve quality of analysis and MITRE ATT&CK adoption.
- Identify and implement continuous improvements in monitoring use cases, threat scenarios, and operational procedures.
- Interact with customers to address queries and recommend service improvements.
- Perform root cause analysis (RCA) for monitoring errors, service gaps, and security incidents.
- Create weekly, monthly, and ad-hoc reports for clients and internal stakeholders.
- Periodically tune detection rules to reduce false positives and enhance alert accuracy.
- Collaborate with internal teams and external vendors during incident response and mitigation efforts.
- Conduct detailed RCA for security incidents and provide containment and remediation recommendations.
- Coordinate external audits and evidence collection related to SOC 2, SOX, NIST Cybersecurity Framework, and other compliance standards.
- Stay current with emerging threats, attack techniques, and security technologies.
- Track and manage key SOC KPIs and generate reports for core stakeholders.
- Required Skills & Qualifications.
- Minimum 2 years of experience in a Security Operations Centre (SOC) or similar security operations role.
- Strong technical and operational understanding of SOC processes and workflows.
- Hands-on experience with SIEM platforms, including log ingestion, correlation, tuning, and analysis.
- Solid understanding of networking concepts (OSI Model, TCP/IP) and operating systems.
- Familiarity with security infrastructure components such as firewalls, proxies, WAFs, antivirus/EDR, and email gateways.
- Good understanding of the Cyber Kill Chain and MITRE ATT&CK framework.
- Ability to assist, guide, and mentor junior analysts with technical maturity and professionalism.
- Strong verbal and written communication skills.
- Excellent problem-solving and critical-thinking abilities.
- Eagerness to learn and stay updated with the evolving cybersecurity landscape.
- Strong interpersonal skills with the ability to collaborate effectively across teams and stakeholders.
- Preferred Attributes (Nice To Have).
- Experience with threat hunting and advanced incident analysis.
- Exposure to compliance and audit requirements (SOC 2, SOX, NIST, ISO 27001).
- Experience working in a 24x7 SOC environment.
- Lets grow together.
Share this
