Job-specific responsibilities:
- Monitor the security alerts queue through SIEM solution and EDR.
- Monitor the health of Organization’s security sensors and SIEM infrastructure.
- Collect data and context necessary to initiate Level 2 escalation.
- Deliver scheduled and ad-hoc reports.
- Work closely with the Level 2 & Level 3 team towards the continuous improvement of the service.
- Create Logs, and close Tickets and Incidents.
Specialization:Bachelor’s degree of engineering or computer science.Knowledge of SIEM (Security Information and Event Management)Solid technical knowledge about TCP/IP, computer networking, routing, and switchingBasic knowledge about IDS/IPS, penetration and vulnerability testingSolid technical knowledge about Firewall and intrusion detection/prevention protocols.Windows, UNIX, and Linux operating systemsCompTIA Network+, Security+, Linux+, Cisco CCNA, CCNP, CCNA Security. EC Council C|EH, CHFI, CND, CSA.Network protocols and packet analysis toolsAnti-virus and anti-malwareGood reporting skillsExcellent analytical and problem-solving skills.Strong interpersonal skills to interact with team members and upper management.Strong collaborative skills.Self-discipline to work according to playbook and time requirements.Passion for cybersecurity and staying up to date with current threats, tools, and techniques.Willingness to learn new security technologies, products and incident analysis and response approaches.Excellent written and oral communication skills.