Security Operations Center Analyst

Job Description

SANS Certification must be completed and passed within the last 36 months

• Each SOC Analyst must have experience working in a company or MSSP that has at least with 3,000 Users enrolled being monitored.
• Each SOC analyst shall be supported by Subject Matter Experts from the Global Service Center of excellence for any technical needs.
• Each SOC analyst must be proficiency in Regex, PowerShell and python.
• The resources selected to the SOC monitoring are from the same vendor providing Global SOC, MDR and NOC/DC SERVICES.
• The Global Service Center supporting the onsite SOC Analyst must have experience in managing SOC (24/7/365) operation in Oil and Gas Industry
• The Service Provider providing the SOC Analysts resources and Services for SOC Services must have good records in terms of delivering services / SLA and did not receive any Notice of Delay or Warning notice.
• The Service Provider must have good track record of serving large enterprises and government entities, demonstrating their ability to handle complex security requirements.
• The SOC Analysts resources provided to the Services should be provided directly from the Service Provider.
• The resources selected to the SOC monitoring are from the same vendor providing the Global SOC, MDR and NOC/DC services and leader in discovering and handling complex environment and with successfully reporting and handling 0 - day vulnerabilities during SOC monitoring.
• The Service Provider must have 24/7 dedicated physical premises used for SOC monitoring. The SOC facility must be (SOC 2) certified or equivalent.
• The Service Provider has been successfully providing managed security services for at least 10 years.
• The Service Provider providing the SOC Analysts resources for SOC Services must have experience in managing IT/OT SOC operations.
• The SOC Analyst personnel allocated to the execution of the above services shall have been working as direct hire for at least six (6) months with the relevant Service Provider.

SOC Analyst personnel allocated to the execution of the services shall have:

• knowledge about IT and OT infrastructure
• Experience using Security solutions like firewalls, proxy, EDR, Servers, Azure, DLP, Anti-Virus, Email Gateway Security, Qualys, ITSM,
• Experience using one of the following SIEM solution: Microsoft Sentinel SIEM, SPLUNK, LogRhythm, QRADAR.
• Strong analytical and problem-solving skills, with the ability to handle complex security incidents.
• Excellent communication and collaboration skills.

The SOC Analyst must provide the following:

• Investigate and analyze complex security incidents, including advanced persistent threats, targeted attacks, and insider threats.
• Provide guidance and mentorship to junior SOC Analysts to support their professional development.
• Develop and maintain standard operating procedures for incident response and threat hunting activities.
• Assist in the design and implementation of security monitoring and response improvements.
• Collaborate with other security teams to develop and enhance the organizations overall security posture.
• Collaborate with other security teams to follow up with affected users until closing the tickets in effective manner and in line with the SLA.
• Contribute to tuning of use cases, suggest improvements to Use-cases and write run books.

Keyskills :