Engineer (L1 Security Operations Center)

Early Applicant

Exp: 1-3 Years

Job Description

Respond to Security Alerts, Threats, and Incidents : Actively monitors security alerts and promptly respond to incidents using documented procedures

Handle Network and System Monitoring : Keep a vigilant eye on both internal and external networks, systems, and applications to identify security anomalies and events
Participate in Incident, Problem, and Change Management : Collaborate with the team during incident response, problem resolution, and change management processes
Manage documentation and SOPs : Contribute to the development and maintenance of Standard Operating Procedures (SOPs) and playbooks
Communicate effectively, clearly and concisely with the end users, team members, and other stakeholders essentially
Work on shift work in 12-hour shifts on a rotation basis

About you:

An excellent working knowledge of threat analysis, detection, and response processes is essential. Being aware of current cyber threats and attack vectors helps in effective incident handling
Acquired the following knowledge areas (at least two or more):

Windows and Unix/Linux Operating Systems, Network Devices, Firewalls, IDS/IPS, TCP/IP Protocols, General Network Architecture, Endpoint Detection and Response Tools, Email Security Tools, Cloud Security Tools, Vulnerability Management, Threat Intelligence/Detection/Hunting, MITRE Attack Framework & Cyber Kill Chain

Critical Thinking and Analysis: adept at detecting, responding to, and escalating security alerts/incidents
Attention to Detail: A keen eye for analyzing data and identifying anomalies is crucial
Excellent written and verbal communication skills Excellent written and verbal communication skills are essential
A team player with ability to collaborate effectively within a team environment
A passion for acquiring continuous learning of new skills and delivering value to the organization
Degree in Information Technology/Computer Science or relevant field

Your experience includes:

At least 3 years of IT related work background with at least 1 year in IT Security
Administering various security tools such as Firewalls, Endpoint Detection and Response (EDR),Vulnerability Management, Email Security Tools, SIEM (Security Information and Event Management)
Solid Background in Network and Systems Administration
Scripting languages such as Python and PowerShell
Participation in Security Competitions and Capture The Flag (CTF)
Added advantage for Certifications completed in CompTIA Security+, Cisco CCNA, Palo Alto NSE (Palo Alto Networks technologies) or any similar certifications in information security