SOC Analyst L1

Responsibilities: -

• 24 x 7 triage, short-turn analysis of real-time security alerts & generate tickets, or escalation to L2 Security Analysts that are not in the Automation Runbook.
• 24 x 7 escalation to resolver upon receiving automated generated incident tickets on the health of SOCaS infrastructure, IT/OT managed security devices, or from the website defacement restorer activation alert.
• 24 x 7 manage problems till closure which include:
• Ensure that Service Level Agreements are met.
• Liaising with customers with regards to information security incidents
• Provision and performance of remedial actions to enhance customers network security posture

Requirements:

• Fresh graduate/1 year working experience in IT Infrastructure Operation and/or Support.
• Willing to work with 24/7 shift pattern that includes weekend work.
• Sound fundamental knowledge on Internet technologies, such as TCP/IP, HTTP, SSL, DNS, OWASP Top10 and web servers (e.g. Apache, IIS, Nginx, etc.).
• Understanding of firewalls, endpoint detection and response (EDR), IDS/IPS, WAF, etc.

Desired Qualifications:

• Bachelor's degree / Polytechnic Diploma in Computer Science, Information Technology or Information System.
• Experience in scripting (e.g. shell scripting, Macro, PHP, Perl, Java, etc.) and/or Regular Expression.
• Experience with TCP/IP packet analysis / network debugging with tcp dump or similar.
• Experience with web security concepts and technologies such as web application firewall, proxy.
• Experience general security technologies, processes, and concepts.
• Industry recognized security certifications (GCIA/GCIH, CISSP, CISA, CEH, etc.).
• Experience writing/decoding exploit, vulnerability, and attack detection signatures.
• Experience working with a SOC team is an advantage.