Description:
The SOC Analyst Level 3 / Sr, SOC Analyst is a senior position within the Security Operations Center (SOC) responsible for advanced threat detection, incident response, and the development and optimization of SIEM (Security Information and Event Management) systems. This role requires deep expertise in cybersecurity, experience with SIEM tools, and the ability to mentor and guide junior analysts.
Key Responsibilities:
Advanced Threat Detection and Analysis:
Monitor and analyze security events and alerts from SIEM and other security tools. Conduct in-depth analysis of security incidents to determine root cause, scope, and impact. Perform threat hunting to identify and mitigate potential security risks.
SIEM Development and Optimization:
Develop, configure, and maintain SIEM systems to ensure effective and efficient threat detection. Create and fine-tune SIEM rules, alerts, and reports to enhance detection capabilities. Integrate various data sources and security tools with the SIEM platform.
Incident Response:
Lead and coordinate responses to complex security incidents, including containment, eradication, and recovery. Develop and execute incident response plans and playbooks. Conduct post-incident analysis to identify gaps and recommend improvements.
Proactive Security Measures:
Perform vulnerability assessments and penetration testing to identify weaknesses. Implement and manage advanced security controls and technologies. Conduct regular security assessments to ensure compliance with policies and standards.
Mentorship and Training:
Mentor and train junior SOC analysts on cybersecurity and SIEM best practices. Develop and deliver training sessions on advanced cybersecurity topics. Provide guidance on best practices and emerging threats.
Collaboration and Communication:
Work closely with IT and security teams to ensure coordinated responses to incidents. Communicate complex security issues and recommendations to non-technical stakeholders. Develop and maintain documentation, including incident reports, SOPs, and threat intelligence reports.
Continuous Improvement:
Stay current with cybersecurity trends, threats, and technologies. Participate in industry forums, conferences, and training sessions. Recommend and implement enhancements to SOC capabilities and processes.
Qualifications:
Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience). At least 5-7 years of experience in a SOC or cybersecurity role, with at least 3-4 years in a senior position. Relevant certifications such as CISSP, CISM, CEH, GIAC, or equivalent. Proficiency in SIEM tools (e.g., Splunk, ArcSight, QRadar) and security technologies. Strong knowledge of cybersecurity frameworks and standards (e.g., NIST, ISO 27001). Excellent analytical, problem-solving, and communication skills. Experience with scripting and automation (e.g., Python, PowerShell) is a plus.
Organization | Tekboox |
Industry | Operations Jobs |
Occupational Category | Senior Security Operation Analyst |
Job Location | Lahore, Pakistan |
Shift Type | Morning |
Job Type | Full Time |
Gender | No Preference |
Career Level | Experienced Professional |
Experience | 3 Years |
Posted at | 2024-07-11 5:11 pm |
Expires on | 2024-12-18 |