L1 SOC Analyst
CyberProof is a cyber security services and platform company whose mission is to help our customers react faster and smarter – and stay ahead of security threats, by creating secure digital ecosystems. CyberProof automates processes to detect and prioritize threats early and respond rapidly and decisively. CyberProof is part of the UST Global family. Some of the world’s largest enterprises trust us to create and maintain secure digital ecosystems using our comprehensive cyber security platform and mitigation services.
Members of this team will develop and document Alert/Incident Triage and Response processes for the Security Operations L1 and L2 analysts to follow. This will include Investigation Guidelines and recommended actions, investigation research procedures, and recommendations for automations to enable rapid response to alerts/incidents. Also included in this role is the creation and maintenance of Use Case Kit content and metadata within the Use Case Kit Library.
This position should be based in India and will interface closely with both the India and Tel Aviv SOCs.
· Evaluate alert/incident response requirements from stakeholder and determine feasibility of response goals.
· Develop and document Alert/Incident Triage and Response processes.
· Create Investigation Guidelines and recommended actions for Alerts/Incidents.
· Identify procedures that are frequently repeated or systematic in nature that are candidates for automation.
· Ensure completeness and accuracy of the Use Case Kit content and metadata.
· Train the SOC L1 teams on newly developed triage and response procedures as part of the operational acceptance of Use Case Kits.
Must have Skills:
· Minimum of 3 years of experience in Information Security.
· In depth operational experience with SIEM technologies.
· Minimum 1 year experience in playbook and IR response development.
· Minimum of 2 years experience working in a SOC performing Alert/Incident Management and Response as a Level 1 Analyst.
· Demonstrated process orientation and ability to manage complex tasks.
· Strong communicator and fluent in English.
· Penetration Testing experience or Security Assessment consulting.
· Any of the following certifications are a plus: CISSP, C|EH, CISA, CISM, C|CISO, GIAC, CompTIA Security+, NCSF, CCSP, GIAC (any).
· Organized with a proven ability to prioritize workload, meet deadlines, and utilize time effectively.
· Excellent interpersonal and communication skills, works effectively as a team player