DTICI_CSOC L2 Specialist_T7

Company Overview

N/A

Job Summary

The DTICI_CSOC L2 Specialist_T7 is responsible for providing technical expertise in detecting and analyzing advanced security threats. The role focuses on incident response management, coordination with internal security teams, and the continuous improvement of incident response processes to enhance the organization's security posture.

Responsibilities

• Utilize advanced tools for detecting and analyzing advanced threats.
• Conduct in-depth technical analyses of security incidents and document the incident timeline and events.
• Review and analyze user access logs to identify unauthorized or suspicious activities.
• Analyze email logs for phishing attacks, spoofed messages, and other email-related threats.
• Proficiently use Security Information and Event Management (SIEM) systems, Intrusion Detection/Prevention Systems (IDS/IPS), and other security monitoring tools.
• Analyze malware behavior using sandbox environments.
• Provide technical feedback to requests from internal security teams.
• Support mail security during incidents in collaboration with L3-Mail-Security and other email security teams.
• Refine and tune alerting systems based on feedback from incident investigations.
• Maintain and manage the CSOC's knowledge base, including playbooks, processes, and contacts.
• Activate and collaborate with the CIR Service during severe incidents to ensure effective resolution.

Qualifications

• Education: Bachelor’s or Master’s degree in Computer Science, Information Systems, Engineering, Information Security, Cybersecurity, or a related field.
• Technical Skills:
  • Proficiency in SIEM systems, IDS/IPS, and security monitoring tools.
  • Strong analytical skills for complex datasets to identify security threat patterns.
  • Experience in managing incident response and incident management processes.
  • Knowledge of post-incident analysis and documentation/reporting practices.
  • Familiarity with email security measures and incident coordination.
• Soft Skills:
  • Excellent communication and collaboration abilities.
  • Strong organizational skills for documentation and report creation.
  • Capability to manage escalations and coordinate effectively with stakeholders.

Preferred Skills

• Experience with sandbox environments for malware analysis.
• Knowledge of tuning alert systems to enhance detection capabilities.

Experience

• Relevant experience in CSOC or a similar security role is preferred, though specific years of experience are not specified.

Environment

• N/A

Salary

N/A

Growth Opportunities

N/A

Benefits

N/A