Junior SOC Analyst

**About The Role**

This is a great opportunity for a SOC Analyst ideally experienced in AlienVault already in an Analyst or Consultant role and/or with demonstrable SIEM experience, to support the SOC services for a global technology company.

The SOC is responsible for the security analysis, incident classification and incident response actions including notification and alerting. Monitors for possible security incidents, using knowledge of attack types and standard protocol behaviour to classifyincidents, comment, and provide advice on mitigation or remedial actions to the client.

Analyse, triage and respond to security events, alarms and escalations, acting as the 1st line security event analyst monitoring the Security Information and Event Management (SIEM) system. Providing an initial analysis of event data and network traffic,making security event determinations on alarm severity, escalation, and response routing.

**Junior Security Analyst Definition**:
**Essential duties & responsibilities**
- Responsible for working in a 24x7 Security Operation Center (SOC) environment
- Provide analysis and trending of security log data from a large number of heterogeneous security devices.
- Provide Incident Response (IR) support when analysis confirms actionable incident.
- Provide threat and vulnerability analysis as well as security advisory services
- Analyze and respond to previously undisclosed software and hardware vulnerabilities
- Investigate, document, and report on information security issues and emerging trends.
- Coordinate with Intel analysts on open source activities impacting SLTT governments.
- Integrate and share information with other analysts and other teams
- Other duties as assigned
- Recommend changes to enhance systems security and prevent unauthorized access client systems.
- Conduct research and assessments of security events, providing analysis of firewall, IDS, anti-virus and other network sensor produced events, to feed in to SOC reporting activities and improvements.
- Monitor threat & vulnerability news services for any relevant information that may impact installed infrastructure. Analyse reports to understand threat campaign techniques, lateral movements and extract indicators of compromise.
- Participate in compliance/vulnerability assessment scanning, and develop mitigation and remediation plans from the assessment findings
- Document information security operations policies, processes and procedures. Create and update security event investigation notes on open incidents and maintain case data in the incident response management platform.
- Provide input, as requested, for Security, Risk, Compliance and Service reporting.

**In addition to the above, the SOC shift leader will be responsible for**:

- To ensure that handovers are carried out between shifts
- To act as the point of escalation for the level 1 analysts and Juniors
- To delegate tasks wherever necessary
- To create and conduct service review presentations/reports and provide them to customers
- To assist with reporting
- To act as a mentor to level 1 analysts and Junior analysts
- To report any team issues to the Team Lead so that resolutions can be quickly reached
- To oversee any support tickets and to ensure that they are correctly handled and escalated/handed over as necessary

**About You**

**Position specifications**

**Essential**:

- Bachelor's degree in a related field or equivalent demonstrated experience and knowledge
- 1-3 years' experience as a Security/Network Administrator or equivalent knowledge
- Knowledge of various security methodologies and processes, and technical security solutions (firewall, SIEM and intrusion detection/prevention systems, vulnerability scanners, etc.)
- Excellent understanding of commonly used Internet protocols such as SMTP, HTTP, and DNS
- Ability to multi-task, prioritize, and manage time effectively
- Strong attention to detail
- Excellent interpersonal skills and professionaldemeanor
- Excellent verbal and written communication skills
- Excellent customer service skills
- Proficient in Microsoft Office Applications

**In addition, the following are highly desirable**:

- SANS Certification
- CREST Certification
- Cyber Security Training Certifications
- Understanding of performing