Security Operations Center

Provectus is a global technology consulting firm and AWS Premier Partner, that designs and builds solutions for industry-specific use cases, leveraging expertise in data, machine learning, and cloud technologies while fostering a collaborative and inclusive culture.

We are seeking a dedicated and proactive Security Operations Center (SOC) Analyst to join our dynamic SOC team. As a Tier 2 SOC Analyst, your role is pivotal in enhancing the security posture. You'll leverage your expertise to monitor and analyze security events, investigate incidents, and provide advanced threat detection and response. Collaborating closely with Tier 1 analysts and other teams, you'll triage and escalate security incidents as necessary, ensuring timely resolution and minimizing impact. Your responsibilities include fine-tuning detection mechanisms, developing playbooks, and conducting thorough forensic analysis to identify root causes and mitigate future risks.

**Requirements**:

- Minimum 5 years of experience of relevant SOC work experience.
- Bachelor’s degree in Computer Science (Computer Security/Information Security degree preferred).Desirable certifications: CySA+, eJPT, PNPT, OSCP, CISSP, CompTIA Security+, CCNA, SANs GSEC, GCIH, GCIA, EC Council C\u007CEH (one or more).Good knowledge of UNIX Shells, NAC, SIEM, CASB, SOAR, EDR, FW, IPS/IDS, and Sandboxes.
- Must be familiar with the following: Permissions management, DLP, Active Directory, and VPN.
- Hands-on experience with Anti-Virus, Firewalls, Phishing mitigation, and Wireshark, Syslog, and network log formats.
- Knowledge of network and common protocols.
- Scripting experience with PowerShell, Bash, Java, or Python.
- Experience with root cause analysis.
- Strong verbal and written communication skills with the ability to articulate complex ideas in easy-to-comprehend business terms.
- Able to organize and prioritize, completing tasks to tight deadlinesComfortable taking ownership of own work, identifying the need for action whilst working effectively within a team.
- At least Intermediate level of English.

**Responsibilities**:

- Monitor network, security, system, and cloud environments for events and perform triage analysis to identify or prevent incidents; perform network, security, system, and cloud incident response as needed.
- Monitor dashboards for malicious events, phishing events, spoofing events, DDoS attacks, SQL Injection events, network connectivity events, system/device performance events, and other potentially high-risk incidents.
- Identify suspicious/malicious activity.
- Perform static and dynamic malware analysis.
- Perform offensive and defensive testing in virtual environments.
- Respond promptly and effectively to security incidents and threats discovered by SOC Analyst Level I and carry out effective Level II analysis of incidents.
- Perform incident detection, response & remediation, threat hunting, digital forensics, and configure alerting rules.
- Deep analysis of network and endpoint data to detect and mitigate potential risks.
- Accurately document cases during investigations and effectively communicate findings to Level I Analyst or escalation team to ensure complete handover of work streams.
- Generate quality technical reports containing methodologies, findings, and recommendations.
- Continuously improve incident management processes through periodic threat hunting exercises, knowledge optimization effort building, and by comprehensive diagnosis and analysis of incident trends.
- Work with external stakeholders to understand operational needs and develop effective processes.