Job Profile: Cyber Security Level 3 Analyst
Qualification
o Training
• Certification: SC-200 Microsoft Security Operations Analyst is advantageous.
• Cyber Security Incident Response and Defense Trainings in general are advantageous.
• Certifications such as CISSP or similar are advantageous.
Experience (type of)
• Several years of experience in Cyber Security analysis, Cyber Defense blue or purple teams, Security Incident
Response & Recovery or a similar role.
• In-depth understanding of current threat landscapes, attack methods, and vulnerabilities.
• knowledge in network protocols, operating systems, security architectures, firewalls, IDS/IPS, and other security
technologies.
• Bachelor's degree in Computer Science, Information Security, or a related field.
• Excellent problem-solving skills and the ability to communicate complex security concepts effectively.
• Team-oriented mindset and the ability to collaborate effectively with various stakeholders.
Specific knowledge
• Strong knowledge of modern workplace solutions, e.g. Identity Security (AD, Azure Active Directory), Zero Trust
transformation (e.g. work from anywhere)
Experience with M365 Security, (e.g. MS Defender, MS Sentinel) tools and other advanced security products for
analyzing security events
• Experience with SIEM tools (especially MS Sentinel) and other advanced security products for monitoring and
analyzing security events.
• Experience in developing SIEM Use Cases is advantageous
• Experience in Threat Hunting is advantageous
• Knowledge in Server and Workstation Operating System Hardening
• Experience in Cloud Security (e.g. Azure & AWS)
1 Act as focal point for critical security Alert, Events and Security Incidents.
Conduct Security Incident Triage: examine malicious code (malware), attack vectors, network
communication methods, analyze threats against target systems, applications and networks
2 Manage Security Incidents throughout the event life-cycle
Responsible for managing threats, sharing information, and handling, responding to, and investigating all
incident escalation, involving and coordinating Level 2 SOC Analysts and involved internal stakeholders and
exernal partners such as the Cyber Incident Response and forensic retainer
3 Conduct Threat Hunting throughout the whole security landscape tools including developing and refining use
cases within the SIEM focusing on emerging threats. Define and refine security policies for security sensors
and tools such as AntiVirus, EDR, CASB, Cloud Policies etc..
4 Develop and refine playbooks and working instructions, knowledge base articles to improve process stability
and include lesson’s learned as continuous improvement process.
5 Responsible for training and mentoring their Level 2 Analysts in order to improve CSOC Analyst capability.
6 Serve as subject matter experts in providing recommendations to the SOC Incident Manager and other
members of Cyber Security and IT management for escalation and remediation.
7 Investigation and ensuring root cause and resolution for metrics, tracking, lessons learned preparation,
documentation and disseminated in conjunction with the respective processes
8 Determine target network capabilities and vulnerabilities, support evaluation, development and
maintenance of new tools and techniques to exploit specific targets, and produce technical after-action
reports in support of the CSOC
send cv to ravindragotavade007@gmail.com
0 Comments