- 24/7 SOC activities (monitoring and operations).
- Incident Handling and Response.
- Digital Forensics activities.
- Report writing.
- Traffic Analysis.
- Firewalls (Network Appliances, Software Solutions etc.).
- Enterprise & IP Networks (LAN, WAN, WLAN).
- Intrusion Prevention Systems.
- Anti-Virus Services.
- Vulnerability Assessment.
- Network/Systems Penetration Testing.
KNOWLEDGE AND SKILLS
- High-level understanding of the TCP/IP protocol suite and the OSI seven-layer model.
- Knowledge of security best practices and concepts.
- Knowledge of Windows and/or Unix-based systems/architectures and related security.
- Sound knowledge of LAN/WAN technologies.
- Must have a solid understanding of information technology and information security.
- Expertise in incident response and handling methodologies.
- Knowledge of security event correlation and analytics tools.
- Skill in recognizing and categorizing types of vulnerabilities and associated attacks.
- Knowledge of system and application security threats and vulnerabilities.
- Knowledge of which system files (e.g., log files, registry files, and configuration files) contain relevant information and where to find those system files.
- Knowledge of basic concepts and practices of processing digital forensic data.
- Knowledge of forensic processes for seizing and preserving digital evidence.
- Experience with QRadar.
- Knowledge of servers, network devices, security devices, diagnostic tools and fault-identification techniques.
EDUCATION AND EXPERIENCE
- Bachelor's/Master's degree in Computer Science, Cyber Security, Information Technology, or Electrical/Telecom Engineering.
- Minimum 2 years' experience in information security or SOC operations at a large-scale IT/telecom organization.