SOC Analyst - Tier 2
Job Description

Why SHELT:

SHELT offers cloud-based security services to trusted global clients through a cybersecurity-as-a-service partnership model that is designed to sustainably and effectively shelter your company from data theft and cyberthreats. SHELT also offers network consultancy, design, implementation, and maintenance services.

SHELT is where each person is unique, but we bring our talents to work as a team and make a difference, powering an inclusive future for all. We encourage the inclusivity of opinion and diversity of ideas. We want to have a positive impact on our customers, our employees, and society.


I-  Job Summary:

A SOC (Security Operations Center) Tier 2 Analyst performs in-depth analysis of, and handles, security incidents that have been escalated from Tier 1. This mid-level position involves analyzing and mitigating more complex security threats, performing advanced forensic analysis, and improving the overall security posture of the customers. The Tier 2 Analyst serves as an interface between the initial incident detection and the more specialist security response and remediation operations.


II-  Duties & Responsibilities:

1.    Incident Investigation:

· Conduct thorough investigations into security incidents reported by Tier 1 analysts.

· Analyze logs, network traffic, and other data sources to determine the extent and severity of incidents.

· Conduct root cause analysis to determine how problems occurred and how to prevent them in the future.

2.    Incident Response:

· Lead the response to confirmed security incidents, working with IT and other organizations as needed.

· Address security concerns by implementing containment, eradication, and recovery procedures.

· Document full incident reports and corrective actions taken.

3.    Threat Hunting:

· Proactively seek potential security threats and weaknesses in the customer's IT environment.

· Create and deploy threat hunting strategies and methodologies for detecting advanced persistent threats (APTs).

4.    Forensic analysis:

· Conduct digital forensic investigation on compromised systems to collect evidence and better understand attack pathways.

· Use forensic technologies and techniques to aid in incident investigations and legal proceedings when needed.

5.    Enhanced Security Measures:

· Collaborate with IT and security departments of customers to enhance security controls and procedures.

· Improve security policies, processes, and technology based on incident investigation results.

6.    Mentoring and Training:

· Provide Tier 1 analysts with advice and support as they expand their abilities and knowledge.

· Participate in and contribute to continuous training and development initiatives at the SOC.

7.    Acting as SOC IT Specialist.


III-  Position Expectations:

1.    Technical expertise:

· Show a thorough understanding of security ideas, tools, and procedures.

· Keep updated with the newest cybersecurity trends, risks, and technology.

2.    Collaboration:

· Collaborate with other SOC team members, IT personnel, and external customers to handle security incidents and reporting.

· Develop a collaborative and cohesive team environment.

3.    Communication:

· Maintain excellent communication with management and customers on the incident's status and impacts.

· Generate clear and complete incident reports and documentation.

4.    Proactive Engagement:

· Take a proactive approach to identifying and mitigating potential security threats.

· Engage in continuous improvement activities to increase the SOC's capabilities and effectiveness.


IV- Skills and Qualifications:

1. Education:

· A bachelor's degree in computer science, information security, or a related field.

· Advanced certifications, such as Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), or Certified Incident Handler (CIH), are a plus.

2. Experience:

· 2-5 years of experience in cybersecurity, IT security, or related roles.

· Proven expertise in incident response, threat analysis, and digital forensics.

3. Languages:

· Proficiency in English, both written and verbal, is required.

· Additional language skills are a plus, depending on the organization's global presence.

4. Technology:

· Extensive knowledge of security tools including SIEM, IDS/IPS, firewalls, EDR, and forensic software.

· Proficiency in network and system administration, including knowledge of Windows, Linux, and cloud systems.

· Experience in scripting and automation languages such as Python, PowerShell, and Bash.

5. Competencies:

· Strong analytical and critical thinking skills.

· Capability for performing thorough analysis of security incidents and threats.

· High level of technical proficiency in cybersecurity technologies and procedures.

· Ability to quickly learn and use new security technology and approaches.

· Effective problem-solving abilities for detecting, containing, and correcting security incidents.

· Ability to think creatively to develop innovative security solutions.

· Clear and straightforward communication, both written and verbal.

· The ability to communicate technical concepts to non-technical people.

· Collaborative approach and readiness to help team members.

· Capability to lead emergency response activities and collaborate with multiple groups.

· Strong ethical and integrity standards when dealing with sensitive security information.

· Commitment to protecting confidentiality and following corporate policies.
