Security Operations Center Analyst at Cybervine IT Solutions

About the job

• Monitor cybersecurity alerts for our customers in a shift-based 24x7x365 operations team under minimal supervision of the Team Lead. Mentor fellow members of the team as well as assist the Team Lead in reporting related tasks.

Outcomes: 

• Under the supervision of the Team Lead, ensure that cybersecurity alerts from the SIEM and multiple sources are dealt with within SLA. Communicate and escalate as per the defined process. 
• Respond independently to low and medium severity incidents. 
• Assist the Team Lead in reporting related tasks and other client deliverables.  
• Review and recommend topics for inclusion or upgrade to the playbooks, dashboards & alerts as well as new Use Cases or the refinement of existing ones. 
• Adherence to defined SOC processes including housekeeping tasks. Adherence to the Information Security policies as defined by the company and customer. 

Measures of Outcomes: 

• Value delivered to the customer as well as Cybervine 
• Adherence to SLA as agreed with the customer. 
• Productivity (Mean Time To Detection) 
• Quality – Quality of enrichment and investigation. 
• Adhering to process – Daily/Weekly audit of cases logged 
• Evidence of skill development including training certification etc. 

Outputs Expected: 

Cyber Security Monitoring : 

Work in accordance with the Playbook under supervision of the team leads to monitor alerts in SIEM & associated tools. Ensure appropriate response in line with the SLA. 

 Cyber Security Incident Management: 

• Process alerts through analysis triage and resolution. 
• Communication and escalation as per the defined process 
• Documentation including annotation in casework log to ensure audit trail as per defined standards and quality requirements. 
• Reporting 

Team Player: 

• Assist the team lead in ensuring Continuous Growth & Learning as well as in delivering on innovation and/or optimization. 
• Mentor junior team members where possible. 

 Reporting: 

• Assist Team Lead in the generation of required reports management information and analytics. 

Other Responsibilities: 

• Ensure that the housekeeping tasks are performed. 
• Undertake activities for example quality checks reviews etc. to ensure that the team as a whole are performing to standard requirements. 
• Assist in achieving near-zero false-positives etc. 

 Skill Examples: 

• Proficiency in the use of SIEM and other relevant tools.
• Excellent logical problem-solving ability and analytical skills for incident triage and analysis 
• Excellent oral and written communication skills. 
• Continually learn new technology and stay updated on cyber threats. Assist and motivate team members to do likewise. 
• Ability to work rotating shifts and also be on-call outside of shift hours on a regular and recurring basis(within reason). 
• Possess unimpeachable personal and professional integrity. Individuals will be required to submit to a background check. 

 Knowledge Examples 

• 1 to 2 years experience in Cyber Security/Infosec related work. 
• 3+ years IT experience 
• Security+, Pentest+ or other similar certifications. 
• Proficient in the Incident Management process. 
• Understanding of cybersecurity alerts and incidents. basic understanding of enterprise IT Infrastructure including Networks, Firewalls, OS, Databases, Web Applications etc. 
• Desirable – Training / Certification in Ethical Hacking Tools Process and Frameworks related to cybersecurity, etc. 
• Evidence of online practical experience: Hack-The-Box, PicoCTF 
• Python, bash, PowerShell Scripting