Job description
What you will do
JOB QUALIFICATIONS
• 5 or more years of related work experience, preferably in IT Security, Information Systems, or IT-related fields.
• Experience working in a 24x7 Security Operations Center or for a Managed Security Service Provider.
• Ability to work in a team environment and collaborate with outside stakeholders to resolve issues.
• Excellent communication, writing, and interpersonal skills.
• Broad cybersecurity knowledge, including familiarity with common attack methodologies, tactics and protocols, Advanced Persistent Threat groups, hacker activities, etc.
• Understanding of common application vulnerabilities, secure coding practices, and common attack vectors is essential. Knowledge of the OWASP Top Ten vulnerabilities is crucial.
• Familiarity with security tools and technologies, such as SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), bot protection, web application firewalls (WAFs), and vulnerability scanners.
• Basic knowledge of programming languages (e.g., Python, JavaScript) to understand and assess code vulnerabilities.
• Experience in network intrusion detection, including experience using common network monitoring tools: IDS, IPS, SIEM and Syslog.
• Familiarity with threat intelligence services and sources of indicator-of-compromise feeds for SIEM use.
• Understanding of common network vulnerabilities and penetration testing tools, including but not limited to Metasploit, Qualys, Nessus, and Nmap.
• Knowledge of log analysis: correlating events and identifying indicators of threat activity via SIEM tools such as IBM QRadar or Sumo Logic.
• Knowledge of EDR tools and triage investigation: CrowdStrike, Carbon Black, FireEye.
• Knowledge of email security, phishing/malware email analysis, and Data Loss Prevention.
• Knowledge of IOC investigation, OSINT, and sandbox analysis.
• Knowledge of cloud environments and cloud security: AWS, Azure.
• Working knowledge of networking and infrastructure technologies, WAN/LAN concepts, firewalls, switches, and routers.
• Knowledge of the retail business is preferred.
• Keen attention to detail.
• SEC+, GIAC, CEH, CISA or CISM a plus.
As the Security Operations Analyst, You Will:
• Monitor for potential compromise, intrusion, significant events, or threats to the security posture of the company.
• Assess host and network threats such as computer viruses, exploits, and malicious attacks.
• Determine true threats versus false positives, and provide solutions to detected issues in a timely manner.
• Be responsible for collecting, analyzing, escalating, responding to, and producing documentation on cyber security attacks.
• Develop, update, and maintain standard operating procedures and other technical documentation.
• Train others and develop skills.