Security Operations Specialist
31.01.2022 Remote | Fulltime
If you fit this offer, please send your CV, mentioning the job title, to: email@example.com
The Security Operations Specialist shall be responsible for the following, but not limited to:
•Work with alerts from cSOC Analysts to perform in-depth analysis and triage of network security threat activity based on computer and media events, malicious code analysis, and protocol analysis;
•Identify incident root cause and take proactive mitigation steps;
•Act as Incident handler;
•Work directly with cyber threat intelligence analysts to convert intelligence into useful detection;
•Collaborate with incident response team to rapidly build detection rules and signatures as needed;
•Perform lessons learned activities;
•Leverages emerging threat intelligence (IOCs, updated rules, etc.) to identify affected systems and the scope of the attack.
•Generate reports for Security Incidents activities;
•Reviews and collects asset data (configs, running processes, etc.) on these systems for further investigation.
•Use strong TCP/IP networking skills to perform network analysis to isolate and diagnose;
•Document actions in cases to effectively communicate information internally and to client;
•Determines and directs remediation and recovery efforts.
•Proven experience in responding to a security incident leveraging Microsoft Security Tools (e.g. M365, Cloud App Security, Azure, Defender for Endpoints, Azure Security, Azure Sentinel and XDR)
•Proven experience responding to and investigating security incidents in cloud environments (AWS, Azure, GCP)
•Proven experience investigating alerts using EDR solutions (ATP, Crowdstrike, RedCloak, Sentinelone)
•Proven experience generating a security incident report
•10 years of relevant experience in administration/support of one of the following services or technologies:
▪Active Directory Services
▪Perimeter network infrastructure (IPS/IDS/Firewalls)
▪Operating systems (Windows 2008, Windows 2012, Windows 10, Linux, Apple iOS)
▪Exchange/Domino/Email services
▪Active Directory Federation Services
▪Endpoint protection tools
▪SIEM/log management solutions
•Two years’ experience providing analysis and trending of security log data from a large number of heterogeneous security devices
•Extensive Windows, Linux, Database, Application, Web server, etc. log analysis
Any one of the following certifications
•MCSE, CCNA, GCIH, CEH, GCFA or any SANS certification
Required Soft Skills:
• Customer Oriented: Proactively identifies current and anticipates emerging client needs and investigates how these may be met
• Teamwork: Develops and promotes effective relationships with colleagues and team members. Deals constructively with conflicts.
• Communicating: Expresses oneself clearly in conversations and interactions with others; listens actively. Produces effective written communications (in English). Ensures that information is shared.
• Respecting and promoting individual and cultural differences: Demonstrates the ability to work constructively with people of all backgrounds and orientations. Respects differences and ensures that all can contribute.
• Knowing and managing yourself: Manages ambiguity and pressure in a self-reflective way. Uses criticism as a development opportunity. Seeks opportunities for continuous learning and professional growth.
• Producing results: Produces and delivers quality results. Is action oriented and committed to achieving outcomes.
• Moving forward in a changing environment: Is open to and proposes new approaches and ideas. Adapts and responds positively to change.
UNICC is committed to achieving diversity and inclusion within its workforce, providing an environment that reflects the values enshrined in the Charter of the United Nations and encourages all qualified applicants, irrespective of gender, nationality, disabilities, sexual orientation, culture, religious and ethnic backgrounds, to apply. ICC is dedicated to the SDGs, making SDG-5 (Gender Equality) and SDG-10 (Reduce Inequalities) the organization's goals.