Skills & Experience:
- Technical Skills:
○ Proficient in monitoring, detecting, and responding to cybersecurity threats using SIEM tools (e.g., Splunk, QRadar, Azure Sentinel).
○ Strong knowledge of network security protocols, firewall management, intrusion detection/prevention systems (IDS/IPS).
○ Experience with endpoint protection tools and vulnerability assessment platforms.
○ Familiarity with incident response processes and forensic analysis.
○ Working knowledge of scripting languages (e.g., Python, PowerShell) for automation and investigation.
○ Understanding of security frameworks and standards (NIST, ISO 27001, CIS Controls).
Experience:
○ Minimum 3-5 years of hands-on experience in a Security Operations Center (SOC) or cybersecurity analyst role.
○ Proven track record of handling security incidents, triaging alerts, and escalating critical threats.
○ Experience working with cloud security environments (AWS, Azure, GCP) is a plus.
○ Exposure to threat intelligence and threat hunting activities.
Qualifications:
○ Bachelor’s degree in Computer Science, Information Security, or related field preferred.
○ Industry certifications such as CompTIA Security+, CEH, CISSP (Associate), or GIAC certifications are desirable.
Responsibilities:
- Monitor security alerts from multiple sources and analyze them to identify potential security incidents.
- Perform initial triage and investigation of security events, escalating issues as necessary.
- Support incident response activities, including containment, mitigation, and remediation.
- Maintain and tune security tools and SIEM rules to improve detection capabilities.
- Collaborate with other IT teams to implement security controls and remediate vulnerabilities.
- Assist in generating reports on security posture, incidents, and trends for management review.
- Stay updated with the latest cybersecurity threats, vulnerabilities, and mitigation techniques.
- Participate in periodic security audits and compliance activities as required.