YOUR ROLE
This role involves working in a 24/7 Security Operations Center (SOC) environment, monitoring and triaging security alerts from various tools such as SIEM systems, firewalls, IDS/IPS, and endpoint security solutions. The position requires investigating and analyzing security events, communicating findings, escalating incidents when necessary, and supporting incident response activities for confirmed threats. Additionally, the role includes managing security service requests, addressing stakeholder inquiries, maintaining SOC procedures and guidelines, and collaborating with senior analysts and leadership to improve processes, support daily operations, and contribute to projects and ad hoc tasks.
WHAT ARE YOU GOING TO DO
- Responsible for working in a 24x7 Security Operation Center (SOC) environment in shifts.
- Continuously monitor and triage security alerts from different sources (SIEM / log management and various security controls / tools such as firewalls, email gateways, endpoint security, WAF, IDS/IPS and DLP, etc.).
- Effectively troubleshoot and investigate security events, communicate findings, and escalate concerns to staff as directed.
- Process and manage requests for various security services, for example, responding to security inquiries from affiliates/stakeholders, reviewing malicious or blocked attachments or domains, and requesting firewall and email blocking because of an investigation.
- Provide Incident Response (IR) support when analysis confirms an actionable incident.
- Ensure external stakeholder requests and escalations are handled.
- Maintain the SOC standard operating procedures (SOP), processes and guidelines.
- Support the SOC Senior, Lead and SOC Manager in various tasks and projects.
- Work closely with the SOC RUN Senior Analyst (L3) and SOC RUN Lead towards the continuous improvement of the service.
- Execute daily ad hoc tasks or lead projects as needed.
WHAT ARE WE LOOKING FOR
- Bachelor's degree in Computer Science, Computer Engineering, IT Security, or a related field; alternatively, equivalent demonstrated knowledge.
- Highly technical with at least 3 years of relevant experience as an analyst in IT Security or SOC.
- Experience with Security Operations Center, network event analysis and/or threat analysis.
- Knowledge of various security methodologies and technical security solutions.
- Experience analysing data from cybersecurity monitoring tools such as SIEM / SOAR platforms, host and network logs, firewall and IPS/IDS logs, and email security gateways.
- Strong level of experience with and understanding of firewalls, antivirus, and endpoint detection.
- Solid understanding of threats reported by various data sources such as IDS/IPS, AV, HIDS/HIPS, WAFs, firewalls, and web proxies.
- Knowledge of commonly accepted information security principles and practices, as well as techniques attackers would use to identify vulnerabilities, gain unauthorized access, escalate privileges, and access restricted information.
- Strong understanding of security operations concepts: perimeter defense, endpoint management, data leak prevention, kill chain analysis and security metrics.
- Knowledge of network protocols (TCP/IP, DNS, DHCP).
- Knowledge of common network tools.
- Knowledge of the common attack vectors on various layers.
- Experience with and understanding of various SIEM concepts such as correlation, aggregation, normalization, and parsing is preferred.
- Skill in recognizing and categorizing types of vulnerabilities and associated attacks.
- Attention to detail and strong communication skills.
- Knowledge of and experience working with the Cyber Kill Chain model and the MITRE ATT&CK matrix.
WHAT WE OFFER
- Competitive basic salary
- HMO w/ 2 free dependents from day 1 of hiring
- Medical reimbursement (includes eyeglasses)
- Life insurance
- 20 annual leaves + bereavement leave + wedding leave
- Hybrid set up w/ 3 days a week onsite and 2 days WFH. This will depend on the business needs and agreement with the manager.
- Annual Performance Reviews w/ a chance of a salary alignment
- Annual Company Performance Bonus
- Retention Bonus (similar to a signing bonus)
- Retirement Fund
ABOUT TOMORROW
We value your professional and personal growth. That's why we share plenty of career opportunities for you to thrive within CEVA. This role can be the first step on your career path with us. You can stay in the same job family, find a new family to grow in (an almost limitless number of options) or find your own path. Join CEVA for a challenging and rewarding career.