CSOC Level 2 Analyst_T8 | Codersbrain
Job Description
Not specified
Company Overview
Not specified
Job SummaryWell-versed in Microsoft Security Products, including MS Defender for Endpoint, Cloud,\
Identity, AV, and MS Sentinel.
Knowledge of Incident Response frameworks knowledge (NIST, MITRE ATT&CK,
Cyber Kill Chain)
C-SOC Level 2 Analysts are responsible for advanced incident response activities,
comprehensive log analysis, and detailed incident reporting.
Skilled in utilizing tools to enhance the efficiency of Incident Response within a SOC.
Experienced with THOR Scanner, VMRay, and Recorded Future Sandbox is a plus.
Knowledgeable in Application, Cloud, and Infrastructure security, including Firewalls,
Proxies, and Web Application Firewalls (WAF).
Must be willing to provide support and be flexible to work in 24/7 rotational shifts,
including weekends.
Technical Knowledge:
Proficient in using advanced tools to detect and analyze sophisticated threats.
Capable of conducting in-depth technical analyses of incidents, providing detailed
technical information.
Experienced in documenting and analyzing incident timelines and events.
Skilled in reviewing and analyzing user access logs to identify unauthorized or suspicious
activities.
Proficient in analyzing email logs to trace phishing attacks, spoofed messages, and other
email-related threats.
Expertise in using SIEM (Security Information and Event Management) systems,
IDS/IPS (Intrusion Detection/Prevention Systems), and other security monitoring tools.
Experienced in using sandbox environments to safely analyze and understand malware
behavior.
Able to provide technical feedback to internal security teams.
Strong analytical skills to interpret complex datasets and identify patterns indicative of
security threats.
Support mail security during incidents by collaborating with L3-Mail-Security and Mail
Teams to address issues such as spoofed messages and other email threats.
Skilled in refining and tuning alerting systems based on insights from incident
investigations to reduce false positives and enhance detection capabilities.
Responsible for maintaining and managing the SOC Knowledgebase, including
playbooks, processes, and contacts.
Collaborate with the Cyber Incident Response (CIR) Service for activation and incident
management
Not specified
Responsibilities
- Not specified
- Not specified
- Not specified
- Not specified
- Not specified
- Not specified
Qualifications
- Not specified
- Not specified
- Not specified
- Not specified
- Not specified
- Not specified
- Not specified
- Not specified
Preferred Skills
- Not specified
Experience
Not specified
Environment
Not specified
Salary
Not specified
Growth Opportunities
Not specified
Benefits
Not specified