- Serve as the first SOC tier to triage alerts.
- Ensuring threat alerts are contextually analyzed and escalated to the next tier (if further analysis is needed).
- Give feedback and comments on relevant data quality issues.
- Monitor and report on data collection pipeline health.
- Log security incidents and ensure adequate information is available for next-tier analysts.
- Generate and distribute scheduled and ad-hoc reports.
- Capable of operating independently to investigate and escalate alerts in line with operational requirements and SLAs.
-Bachelor's degree in Engineering or Computer Science is a MUST.- Previous experience with SIEM technologies (e.g. QRadar, Splunk, LogRythm, etc.) - Good knowledge of operating systems, mainly Windows and Linux. - Good knowledge of networking protocols, concepts, and technologies. - Good knowledge of foundational security concepts, e.g.: kill chain, defense-in-depth, systems hardening, etc. - Knowledge of cyber threats and vulnerabilities. - Knowledge of adversarial tactics, techniques, and procedures. - Security certifications, such as Security+, GSEC, CEH, or similar. - Previous experience in programming/shell scripting (PERL, Python, Java, Shell, PowerShell, etc.) - Previous experience working as a systems/network administrator. - Previous experience configuring/implementing network security solutions (e.g. SIEM, firewalls, IPS, IDS) - Previous experience with incident response and digital forensics. - Previous experience as a penetration tester.