Security Operations Center Analyst

Bosnia and Herzegovina, Bulgaria, North Macedonia, Slovenia, Romania, Hungary, Serbia

SOC analysts are the first to respond to cyber security incidents. They report on cyber threats and implement any changes needed to protect the organization. The SOC analyst has to ensure that cyber security monitoring is maintained and cyber incident response is handled in accordance with the defensive Security Operations Manuals and within the agreed timelines and OLAs.


Key Responsibilities

  • SOC analysts are considered the last line of defense and usually work as part of a large security team, alongside security managers and cybersecurity engineers

  • Monitor user access and identity access management for all HTEC applications, critical systems and AD, and highlight any gaps

  • Improve skill sets by being involved in compliance-related initiatives on an ongoing basis

  • Enhance knowledge of web servers and key security devices (e.g. proxies, AVs, endpoint security, firewalls, email gateways) and apply it appropriately to carry out security risk assessments effectively

  • Conduct audits of information security controls and practices and measure and report on performance and risk (including third party suppliers) 

  • Be involved in updating/developing information security standards, policies and procedures; ensure they are renewed annually and obtain the required approvals

  • Enhance knowledge of web security, mobile security VA/PT, systems and databases, and apply it appropriately from an InfoSec risk review perspective

  • Be involved in developing the information security framework (e.g. SOC2 or ISO27001) to improve the security posture of the organization

  • SOC analysts need to be detail oriented because they are responsible for monitoring many aspects simultaneously; they need to watch the protected network and respond to threats and events


Required qualifications

- Education: 

  • Bachelor of Science or 

  • Information Security related qualifications such as CEH, CSA, CompTIA Security+ 

- Experience:

  • Basic experience in using Cloud PaaS offerings (AWS, Azure)

  • Basic hands-on experience with using, configuring, implementing, and troubleshooting network infrastructure  

  • Understanding of and basic experience with cloud infrastructure (VPCs, VNETs, subnets, Network Security Groups, route tables, ACLs), authentication policies, DNS, cloud storage and domain management

  • Basic experience with some SIEM solution 

  • Understanding and awareness of Risk and Control concepts 

- Technical: 

  • Understanding of the Security Operations Center concept 

  • Attention to detail


KPIs

  • Threat and vulnerability analysis 

  • Implement and manage defensive security and forensics tools 

  • Investigate, document and report on any information security (InfoSec) issues as well as emerging trends

  • Analyze and respond to previously unknown hardware and software vulnerabilities

  • Investigate suspicious activities, contain them and prevent recurrence

  • Provide security services to the rest of the organization

  • Demonstrated experience in implementing security controls, including access control, privileged access management, data security, network security, data loss prevention, cloud security, vulnerability management, configuration management 

  • Network defense – must have the ability to defend the network. Tasks include monitoring, discovering, and analyzing possible threats. A SOC analyst should have the skills needed to maintain secure network traffic and respond to suspicious activities.  

  • Ethical hacking – must know how to detect threats and report vulnerabilities in a manner that ensures the organization remains protected from attacks. SOC analysts should know how to perform penetration testing of systems, web applications and networks to find vulnerabilities

  • Incident response – must be able to manage the various effects of breaches in a manner that reduces their impact. SOC analysts should also be able to provide recommendations that help prevent future security breaches

  • Computer forensics – must be familiar with computer forensic techniques that can help prevent cybercrime. Tasks include collecting, analyzing, and reporting security data 

  • Reverse engineering – must be able to read and understand the operation and performance parameters of software programs, and at a higher level of skill, should be able to reverse-engineer malware
