An Exciting Opportunity for ...
· Investigates deeper on the detected behaviours when an incident is escalated by the SOC level 1 analyst
· Add context to the incident to understand the behaviour, analysing data from multiple tools and data sources
· Maintain SIEM and HIPS security sensors and tools
· Monitor security sensors and review logs to identify intrusions
· Escalate security incidents using established policies and procedures
· Perform initial analysis of security events, network traffic, and logs to engineer new detection methods, or create efficiencies when available
· Work directly with threat intelligence analysts to convert intelligence into useful detection
· Identify incident root cause and take proactive mitigation stepa
· Provide analysis of security log data from a large number of heterogeneous security devices
· Review vulnerabilities and track resolution
· Review and process threat intel reports
· Leads and participates to the continuous improvement of the service (detection level, process, operational procedures, service efficiency, service reporting)
· Implement detection use cases
· Liaise with customers on security intrusions and provide swift and accurate remediation
· Supports the SOC manager for the reporting of the activity.