The Third Dimension Recruitment and Placement (המימד השלישי גיוס והשמה)

SOC Expert (L2/L3)

Responsibilities and expectations of the role:
• Manages the Security Operations Center; experienced in managing and configuring ArcSight.
• Investigates alerts daily: reviews the most recent SIEM alerts to assess their relevance and urgency.
• Carries out triage to confirm that a genuine security incident is occurring. Oversees and configures security monitoring tools.
• Handles critical incidents. Carries out vulnerability assessments and penetration tests to assess the organization's resilience and to isolate areas of weakness that need attention.
• Reviews alerts, threat intelligence, and security data. Identifies threats that have entered the network, as well as security gaps and vulnerabilities that are currently unknown.
• Addresses confirmed security incidents. Evaluates incidents escalated by Tier 1 analysts.
• Uses threat intelligence, such as updated detection rules and Indicators of Compromise (IOCs), to pinpoint affected systems and the extent of the attack.
• Analyses running processes and configurations on affected systems. Carries out in-depth threat intelligence analysis to identify the perpetrator, the type of attack, and the data or systems impacted.
• Creates and implements a strategy for containment and recovery.
• Coordinates with the customer and with other teams.
• Prepares and updates the SOC process documentation.
• Helps train the SOC SMEs.

Job requirements

Must-Have: ArcSight SIEM management and configuration, SOC operations, leadership, interpersonal and communication skills

Good-to-Have: Security Orchestration, Automation and Response (SOAR), creating use cases, automation, CISSP certification, deep understanding of Web Application Firewalls (WAF), Linux and Windows operating systems, database security, and vulnerability management tools

Background: Cyber Security Domain

Required skills