SOC Analyst

a) 24/7 Incident ResponsePerform triage, assess severity of incidentsInvestigate and contain security incidentsExecute predefined response procedures b) 24/7 Alerts MonitoringContinuously monitor security alerts, logs, and network trafficIdentify potential threats or anomalies c) Suspicious Email Analysis and other Security ValidationsRespond to reported suspicious emailsAnalyze suspicious emails, trigger email threat remediation actionsPerform validations for reported suspicious activities and other cybersecurity concernsProvide recommendations on analyzed concerns d) Documentations and other tasksAssist in developing and executive Recovery PlanParticipate in investigations or forensics activitiesParticipate in change management processesAssist in troubleshooting hardware and software issues of Collectors and MXDR agentsDocumentation of Incident Reports, weekly/monthly reporting, maintenance of trackers and other relevant documentsDetection Rules review and configuration e) Threat Intelligence duties Performance relevant Threat Intelligence team responsibilities such as, but not limited to:Indicators of compromise (IOCs): Collect, analyze, disseminate, and initiate blacklistingCompromised accounts: Monitor and validate Client's password leaksBrand protection initiatives: hunting of trademark infringements and other violations, impersonations, and sales scams. Perform validations, request for takedown, and monitoring Others:Threat Intel publications and release of advisories, and other reportsMonitor releases of new vulnerability advisories, disseminate and trackMonitor of other potential leaks relating to Client (e.g. code repository, database, etc.)Implement and enforce security policies, procedures, and best practices.Track and validate security controls, addressing deviations and risks Qualifications:Bachelor Graduate of Computer Science, IT or other related courseHave at least 3- 5 years of experience as a SOC Analyst or Security EngineerHands-on experience in L2 incident response such as containment, isolation, root cause analysis and deep probing analysis.Proficient in documentation, strong incident, attack response and containment skills.Has experience in cyber threat intelligence is an advantage. R