SOC MTO


Description:

We are seeking a proactive and detail-oriented SOC MTO to join our dynamic Security Operations Center team. The ideal candidate will be responsible for monitoring, identifying, analyzing, and escalating potential security incidents to safeguard our organization's information assets. This is a shift-based role.


Key Responsibilities:

• Actively monitor security alerts, network activity, system alerts and endpoint telemetry using various security tools and SIEM platforms to detect and respond to potential threats.

• Monitor endpoint security, including management and monitoring of the core network.

• Develop and fine-tune SIEM rules and alerts to detect suspicious activities, malware, phishing, and network intrusions.

• Assess and prioritize security events based on risk, impact, and urgency. Classify incidents according to predefined guidelines.

• Conduct investigations to gather relevant data and contextualize alerts for efficient incident response.

• Collaborate with Tier 2/3 analysts and relevant stakeholders to escalate incidents that require advanced analysis.

• Maintain detailed records of security incidents, findings, and resolution steps. Generate periodic reports for review and analysis.

• Actively participate in the development and maintenance of security policies, procedures, and standards.

• Work closely with other SOC team members, the NOC team, the IT team, and other departments to ensure that policies, procedures, and standards are followed, safeguarding and improving the organization's physical and data security.

• Stay current on emerging threats, vulnerabilities, and security technologies.


Requirements:

• Educational Background: Bachelor's degree in Cybersecurity, Information Technology, or a related field. Relevant certifications (e.g., CompTIA Security+, CEH, or equivalent) are a plus.

• Experience: Minimum 6 months to 1 year in a SOC or cybersecurity environment, with experience in monitoring, triage, alert management, and documentation. Fresh graduates can also apply.


Skills required:

• Familiarity with SIEM tools and ticketing systems.

• Endpoint security solutions, such as Endpoint Detection and Response (EDR) tools.

• Understanding of network protocols, logs, packet analysis, firewalls, and intrusion detection/prevention systems (IDS/IPS).

• Basic knowledge of cyber threat intelligence and malware analysis is preferred.

• Familiarity with scripting for automation (e.g., Python, PowerShell, or Bash).

• Proficiency in technical writing and documentation.

• Strong analytical skills and attention to detail.

• Excellent written and verbal communication skills.

• Ability to work in a fast-paced environment and handle multiple priorities.

Organization: Orient Express LDI
Industry: Other Jobs
Occupational Category: SOC MTO
Job Location: Islamabad, Pakistan
Shift Type: Morning
Job Type: Full Time
Gender: No Preference
Career Level: Entry Level
Experience: Less than 1 Year
Posted at: 2024-11-19 1:53 pm
Expires on: 2025-01-03