Requirements:
- 1+ years of Cybersecurity experience, including expertise in XDR, incident handling, and threat intelligence/hunting.
- Bachelor’s/Master’s Degree in Cybersecurity or related fields.
- Proven interest in cybersecurity, incident detection, and network/systems security.
- Strong understanding of IT security best practices and attack detection/prevention methods.
- Proficiency in analysing and interpreting system, security, and application logs.
- Experience with Splunk for Threat and Incident Detection; familiarity with ArcSight, LogRhythm, QRadar preferred.
- Sound grasp of Cyber Kill Chain, MITRE ATT&CK frameworks, and TCP/IP principles.
- Proficiency in identifying attack activity, and professional certifications (e.g., CCIE, OSCP, CISSP).
- Aspiration to lead and mentor, with exceptional organizational and communication skills.
- Extensive IT focus, adept problem-solving skills, and the ability to work under pressure.
- Fluency in English required.
- Skilled in developing SIEM content and automation tools (SOAR).
Primary Roles & Responsibilities:
- Handle SOC reporting for customers, ensuring clear and timely communication of SOC activities and updates.
- Understand and manage SOC processes effectively, ensuring smooth operations and customer satisfaction.
- Understand tools such as SIEM, SOAR, XDR, and EDR for efficient SOC management and reporting.
- Demonstrate strong interpersonal skills, both written and oral, to communicate effectively with customers and internal teams.
- Maintain strong communication and documentation skills, ensuring all activities are well-documented and reported.
- Ensure appropriate and timely reporting to all stakeholders for any changes, implementations, or other activities.
- Establish and maintain good rapport and relationships with customers, SOC operations, and other internal teams to ensure customer satisfaction.
- Engage in constant learning to stay up to date with new products and technologies.
- Serve as an L2 Engineer with good knowledge of cybersecurity, acting as the single point of contact (SPOC) for our SOC customers.
- Conduct regular review meetings with customers on a weekly, monthly, and quarterly basis as required.
- Conduct knowledge-sharing sessions and explain reports to customers and internal stakeholders.