- Monitor the client's monitoring and alerting systems.
- Utilizing established policies, standards and procedures, determine which security alerts and notifications should be identified as information security incidents.
- Keep abreast of relevant technological changes and plan for new technology insertion.
- Communicate and follow up on potential security risks detected by the SOC infrastructure.
- Manage security incidents identified by SOC infrastructure.
- Respond to security incidents according to the Security Incident Response process.
- Process security events identified by the SOC environment.
- Perform vulnerability management according to predefined processes.
- Follow up on the mitigation of vulnerabilities.
- Deliver security reports to the Information Security Manager according to KPIs.
- Handle user-reported cases of potential phishing and spear-phishing campaigns.
- Research and analyze a wide variety of commodity and APT malware and techniques.
- Perform cyber and technical threat analyses of hostile nation-states, hacker groups, terrorist organizations and other threat actors capable of harming NRC networks.
- Conduct link analysis of technical data using software tools to identify trends in the attacks, targeting, and timing of suspicious or malicious activity.
- Produce situational, incident-related reports on cyber threats that could affect the organization's networks.
- Perform advanced analyses of potentially malicious activities that have occurred, or are believed to have occurred, on the organization network.
- Handle the initial investigation of DDoS and malware-related alerts (e.g. malicious JavaScript and *.php files).
- Monitor and respond to security events from the SIEM.
- Respond to support tickets in a timely manner, within the documented SLA.
- Be available, ready and able to promptly handle incoming support calls in support of our contractual customer SLAs.

Qualifications:

- Bachelor's degree in Computer Science, Information Technology or Telecommunications.
- 1 to 3 years of previous related work experience.
- Understanding of electronic investigation and log correlation.
- Proficiency with the latest intrusion detection platforms.
- Event and incident management.
- Security+, GCIA, CEH, CIH or CISSP certification preferred.
- Very good English, both written and spoken.
- Excellent cross-department communication and coordination skills.