IT Security Specialist (SOC 4-4)
Desirable Qualifications:
Bachelor's degree in Computer Science or equivalent.
Certified Ethical Hacker (CEH) or equivalent.
GIAC Certified Incident Handler (GCIH) or equivalent.
Microsoft Certified: Azure Fundamentals.
Cisco Certified Network Associate (CCNA).
Certified Information Security Manager (CISM) or equivalent.
Desirable Skills:
Minimum 5 years' experience in a similar role.
Excellent logical and analytical skills for the analysis of security events and incidents.
Knowledge of network security zones, firewall configurations and IDS policies.
In-depth knowledge of networking protocols (TCP/IP, SFTP, HTTPS).
Knowledge of packet capture and analysis.
Knowledge of systems communications across OSI Layers 1 to 7.
In-depth knowledge of log formats and the ability to aggregate and parse log data (syslog, HTTP logs, database logs) for investigation purposes.
Experience with security assessment tools (Nmap, Nessus, Netcat).
Understanding of common intrusion analysis models (e.g., MITRE ATT&CK, Cyber Kill Chain) and the ability to apply them to enhance analysis and reporting.
Working knowledge of threat areas and common attack vectors (malware, phishing, APT, technology-based attacks, etc.).
Understanding of cloud architecture and how an attacker can abuse these platforms.
Familiarity with information security industry standards/best practices and relevant regulations (e.g., PCI DSS, SOX, NIST, ISO, COBIT).
Job Description:
Work on-site at the client's premises in a 24/7 SOC operation consisting of four shift teams.
Provide security expertise for escalated security incidents.
Act as the Incident Handler for security incidents.
Act as the technical escalation point for the SOC.
In-depth SIEM administration and configuration.
Fully utilize threat intelligence capabilities for proactive threat hunting.
Follow agreed security best practices and SOC processes.
Assist in the development of incident response procedures and playbooks.
Keep up to date with security developments and news, and develop the team's security knowledge.
Be responsible for updating our ISMS (policy, procedures, standards, guidance).
Manage the critical business asset inventory and the cyber security risk register.
Work with the Security Engineer, Security Architect and SecOps team to support risk assessments for IT services.
Develop and implement security training and education for IT and wider business teams.
Manage third-party security relationships and conduct supplier risk assessments; flag concerns, and log risks and remediations.
Conduct internal penetration testing and manage external penetration tests and vulnerability scanning.
Work with development teams on code analysis and penetration testing.
Create phishing campaigns specific to the current climate and the business.
Support incident investigations.
Understanding of security threats, attack scenarios, intrusion detection and incident management.
Strong facilitation and negotiation skills.
Ability to deal with ambiguity and keep a cool head in crisis or stressful situations, combined with strong analytical skills.
Good understanding of ISO 27001, Cyber Essentials/Cyber Essentials Plus, GDPR and other information security-related regulatory and compliance standards.
Hands-on experience of penetration testing and its tools, log carving and log investigation.
Experience with building threat-based use cases using frameworks such as MITRE ATT&CK.
Cloud computing concepts and service models (IaaS/PaaS/SaaS).
Authentication concepts (Windows, AAD, Managed Identity).
PowerShell, Kali Linux, web application security (OWASP).
Vulnerability testing tools (e.g., Nessus).
Management of all incidents in line with the incident life cycle (evidence, follow-up actions, etc.) and the COMPANY incident handling procedure.