Security Operations Center (SOC) Analyst/Operator
Job Category: Information Technology
Job Type: Full Time
Company Name: PTCL
Posted On: 02 August, 2012
Last Date to apply: 30 September, 2012
The job involves performing basic analysis and correlation on collected events, escalating events to the respective members of the systems and network administration teams, providing support/assistance services for raised issues via phone, and assisting other SOC members by managing information from monitored security controls.
1. Responsible for maintaining the Security Information & Events Management (SIEM) solution components for high availability.
2. Scrutiny of log files including forensic investigation of systems and applications files.
3. Configure asset/log connectors and collectors and fine tune their volume and logging levels.
4. Generate incident and statistical reports and provide lessons learnt analysis.
5. Accountable for carrying out SOC activities as per defined SOPs and policies/procedures.
6. Must possess a good understanding of common network services (e.g. web, mail, FTP, etc.), network/systems vulnerabilities and network attack tools/vectors.
7. Experienced in writing regular expressions to develop effective correlation rules.
8. Experienced with various UNIX systems administration tasks and knowledgeable about Windows server applications (e.g. Active Directory, Exchange, SharePoint, ISA, etc.).
9. Strong analytical, troubleshooting and problem solving skills are required to handle incident response tactics.
10. Willing to work in shifts covering 24/7/365.
11. Possesses strong multitasking and triage (categorize, prioritize and assign) skills to handle multiple incident investigations.
12. Minimum 3 years of extensive hands-on experience with either operating systems (Windows/Unix) and/or network devices (routers, switches and firewalls).
13. Candidates holding CERT Computer Security Incident Handler (CSIH) certification will be highly considered.
1. Candidates with previous experience in ArcSight and/or Envision SIEM solutions are preferred.
2. 5 years or more of hands-on experience with either operating systems (Windows/Unix) and/or network devices (routers, switches and firewalls).
3. Master's degree in Information Security and/or Computer Science from a reputable university.
4. Holds one or more security certifications such as CISSP, CISA, CCSP, CEH, CHFI, etc.