Work closely as part of the team while independently handling incidents, driving them to resolution, and learning and improving from them
Collaborate with colleagues on security projects and contribute to best practices for processes, the technology used and overall security awareness
Maintain and improve the deployed security technologies, including creating detection use cases and customizing or tuning the tools based on past and current threats
Proactively flag possible issues, ensure detailed reporting, and remain available for support until an issue is resolved
Contribute to the 24/7 defensive capabilities of the SOC for the overall security of the organization and its customers
Analyze logs from the Security Information & Event Management (SIEM) system to create reports and better prepare for suspicious events or malicious activity
Perform penetration testing and vulnerability scanning, and manage and track remediation of identified vulnerable systems
Requirements
5+ years of Information Security experience
2+ years of coding and scripting experience in Python, Linux shell scripting or Windows PowerShell scripting
Working experience integrating different security systems and devices
Working experience with and knowledge of SOAR platforms and solutions
2-4 years of systems analysis experience
Experience with network and application penetration testing techniques
Familiarity with a variety of information and network security tools (Azure Sentinel SIEM, QRadar SIEM, Splunk, McAfee Security Suite, Cisco IDS/IPS, Tenable Nessus, and Palo Alto, among others)
Familiarity with a variety of Network Access Control software (Cisco ISE, ForeScout, etc.)
SQL or KQL knowledge is considered an advantage
Operational knowledge of APIs is considered an advantage
Bachelor’s degree in computer information systems or related field
Excellent writing and communication skills in English