Penetration tests (nice to have)
Incident Response (regular)
Antivirus software (regular)
Vulnerability Management (regular)
You will be part of the SOC Tier 2 unit, acting as a second point of communication for all services related to information security.
What you will be responsible for:
- Analyzing incidents/alerts from Tier 1 (T1),
- Confirming them as real incidents or discarding them as false positives,
- Shaping the way contracts are delivered from SOC:
  - by taking part in the onboarding,
  - by attending meetings with the business client,
  - by transforming expectations into configurations and workflows,
- Fine-tuning correlation rules.
Then you should have:
- IT Security experience,
- Proven SIEM background (minimum one year of experience with SIEM tools; knowledge of log sources and correlation rules is a plus),
- Experience in one of the following fields: OS administration, Network, Active Directory, Linux, Penetration tests, Vulnerability management, Antivirus software, Proxy, Incident response,
- Fluency in written and spoken English.