SOC Expert (L2/L3) (BB-56698)

Found in: Neuvoo IL

Location: Jerusalem

Responsibility of / Expectations from the Role:
• Managing the Security Operation Center; experience in the management and configuration of ArcSight.
• Investigates alerts daily. Reviews the most recent SIEM alerts to determine their relevance and urgency.
• Carries out triage to confirm that a genuine security incident is occurring. Oversees and configures security monitoring tools.
• Deals with critical incidents. Carries out vulnerability assessments and penetration tests to assess the resilience of the organization and to isolate areas of weakness that need attention.
• Reviews alerts, threat intelligence, and security data. Identifies threats that have entered the network, as well as security gaps and vulnerabilities that are currently unknown.
• Addresses real security incidents. Evaluates incidents identified by tier 1 analysts.
• Uses threat intelligence, such as updated rules and Indicators of Compromise (IOCs), to pinpoint affected systems and the extent of the attack.
• Analyses running processes and configurations on affected systems. Carries out in-depth threat intelligence analysis to identify the perpetrator, the type of attack, and the data or systems impacted.
• Creates and implements a strategy for containment and recovery.
• Coordinates with the customer and different teams.
• Prepares and updates the SOC process document.
• Helps train the SOC SMEs.

Must-Have: ArcSight SIEM management and configuration, SOC operations, leadership, interpersonal and communication skills.

Good-to-Have: Security Orchestration, Automation and Response (SOAR), creating use cases, automation, CISSP certification, deep understanding of Web Application Firewalls (WAF), Linux and Windows operating systems, database security, and vulnerability management tools.

Background: Cyber Security Domain

Posted: 1 day ago


Job type: Full-time

Location: Jerusalem, Israel

Company: Memad2
