Cybersecurity Operations (SecOps) Analyst [Incidence Response & M365]

Role Responsibilities:

• Conduct threat analysis, assessment, and malware triage in support of security investigations
• Provide first/second level security support, monitor alerts, handle incidents and service requests
• Coordinate remediation and restoration efforts
• Record identified vulnerabilities, create remediation tickets and track their status
• Recognize and research attacker tools, tactics, and procedures (TTP) in indicators of compromise (IOCs) that can be applied to current and future investigations
• Build internal scripts, tools, and automation processes to enhance detection and response capabilities
• Bachelors in: Computer Science, Information Security, Cybersecurity, or a related degree.
• 2-4 year experience in one or more areas: Security Operations, Incident Response, Information Security Technology, etc.
• Strong security concepts of threat categories (such as malware, phishing attacks, Defense-in-Depth, MITRE ATT&CK framework, etc.)
• Working experiences to security tools such as SIEM, EDR, firewalls, IDS/IPS, anti-spam, content management, server and network device hardening, etc.
• Strong knowledge of Windows, Linux and/or Mac OS and comfortable with looking at, understanding, and investigating Security Event logs.
• Good knowledge of networking protocols (SMTP, HTTP, HTTPS, FTP, DNS, DHCP, etc).
• Experiences of any query language and scripting language
• SharePoint, Excel, JIRA and/or Microsoft Office skills
• Experience in using security orchestration, automation, and response tools
• Experience with query languages and scripting languages
• Strong knowledge and experience working with M365 Security tools, Azure, AWS, GCloud
• Experience in using security orchestration, automation, and response tools