Back to search
Qualifications:
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience).
- Experience in cybersecurity operations, incident response, or related SOC environment.
- Familiarity with enterprise IT environments, networks, and security technologies.
- Ability to analyze and interpret security data and alerts
- Experience with SIEM platforms (e.g., Splunk, QRadar, Sentinel).
- Knowledge of endpoint detection and response (EDR) tools.
- Understanding of networking fundamentals (TCP/IP, DNS, HTTP, etc.).
- Familiarity with threat intelligence and common attack techniques.
- Strong analytical and problem-solving skills.
- Ability to work in a fast-paced, 24x7 operational environment.
- Effective communication and documentation skills
- Required Certifications
- Role-appropriate cybersecurity certifications demonstrating competency in security operations and incident response.
- Examples include: CompTIA Security+, CySA+, CEH, GSEC, or other relevant certifications
- Monitor security events and alerts using SIEM and other security monitoring tools.
- Analyze logs, alerts, and network traffic to identify potential security incidents.
- Perform incident triage, investigation, and escalation in accordance with established procedures.
- Document incidents, findings, and response actions in ticketing systems.
- Support incident response activities and coordinate with internal teams as needed.
- Follow and maintain SOPs, playbooks, and response procedures.
- Identify false positives and tune detection rules where appropriate.
- Support vulnerability management and threat detection initiatives.
- Participate in continuous improvement of SOC processes and capabilities.
Learn more about this Employer on their Career Site
