CyberProof is a cyber security services and platform company whose mission is to help our customers react faster and smarter – and stay ahead of security threats, by creating secure digital ecosystems. CyberProof automates processes to detect and prioritize threats early and respond rapidly and decisively.
CyberProof is part of the UST family. Some of the world’s largest enterprises trust us to create and maintain secure digital ecosystems using our comprehensive cyber security platform and mitigation services.
CyberProof is seeking SOC level 2 Analyst , who will be part of our growing SOC group, which handles monitoring and investigating security incidents and violations, as well as suspicious activity and handle their resolution.
Areas of responsibilities:
- Resolve, escalated report and raise recommendations for resolution and remediation for security incidents
- Advanced monitoring of system logs, SIEM tools and network traffic for unusual or suspicious activity.
- SIEM (Security Information and Event Management):
- Setting up various SIEM solutions and troubleshooting connectivity issues.
- Investigate and resolve security violations by providing postmortem analysis to illuminate the issues and possible solutions.
- Collate security incident and event data to produce monthly exception and management reports.
- Report unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes.
- Assist and train team members in the use of security tools, the preparation of security reports and the resolution of security issues.
- Develop and maintain documentation for security systems and procedures.
- Recommend, schedule and/or apply fixes, security patches and any other measures required in the event of a security breach.
- Experience in working as a Senior Analyst as part of a Soc group for 2+ years
- Experience in working with Demisto
- Experience working with different Siem vendors like Qradar, Archsight, RSA, Logrythem
- Experience in incident response, writing procedures runbooks and playbooks
- Ability to work with customer's IT and security teams as well as directors’ level.