
Handle first-level response for security events: IDS/IPS alarms, malware (alerting, not triage), account misuse, network security events, etc.
Responsibility
Saudi Only
- The Security Operations Analyst performs real-time analysis and trending of security log data from various security devices and systems.
- Maintains the data sources feeding the log monitoring system; develops and maintains detection and alerting rules.
- Responds to user incident reports and evaluates the type and severity of security events.
- Documents incidents and develops reports.
- Identifies recurring security issues and risks, develops mitigation plans and recommends process improvements.
- Interprets and applies security policies and procedures.
- Required to be on standby with on-call availability, with varied shifts including nights, weekends and holidays.
- Familiar with cyber security standards, protocols and frameworks, and works in accordance with them; knowledgeable in using various cyber security monitoring and testing tools and techniques.
- The Security Operations Analyst is diligent and takes an analytical approach to perform real-time analyses.
- Skilled in synthesizing trends and insights, and confident in putting forth creative mitigation plans and solutions to security incidents.
- Ability to read and understand written English.
- Ability to clearly communicate on the phone and through e-mail/ticket updates.
- Ability to manage multiple tasks simultaneously and prioritize tasks appropriately.
- Good customer service skills. Note: this job requires you to speak to clients throughout the day; please bear this in mind when applying.
Education
- Bachelor's degree in IT or Cybersecurity.
Skills Required
- Able to effectively weed out false positives and decide on triage steps.
- Assist in creating new processes and automation for Level 1 events.
- Analyze risk alarms and events for customers.
- Able to work in a fast-paced environment with service level agreements in place across clientele.
- Understand and be able to use a SIEM for event investigation.
- Keep up on the latest security news and events, and effectively communicate them to team members.
- Linux skills are a plus, but not required.
Experience
- At least 1 year in Cybersecurity.
- Freshers are also encouraged to apply.
Please read all requirements; if the role suits you, send your CV to recruitment (@) idealgrc.com with the subject "SOC L1".