TheSecurity Operations Centre (SOC) houses the cyber security team responsible formonitoring and analysing an organisation's security posture on an ongoingbasis.
The SOC team's goal is to provide 24x7x365 capabilities todetect, analyse, and respond to cybersecurity incidents using a combination oftechnology solutions and a strong set of processes.
TheSOC staff work closely with the Network Operation team (NOC) to ensure securityissues are addressed quickly upon discovery.
Why This Role:TheCyber Security Incident Responder will work with existing skilled IT Securitystaff, responding to cyber security threats in as near real-time as possible.An up to date understanding of relevant IT networks, security standards,authentication protocols, and security related hardware and software within theorganisation is vital.
Expectations From TheRole:•Administer and optimize Microsoft Defender for Endpoint and Defender for Cloud configurations to ensure consistent security baselines across on-premises and cloud environments.
•Implement and maintain Microsoft Purview configuration policies to support data governance, compliance, and information protection strategies.
•Collaborate with IT, legal, compliance, and other key stakeholders to align configuration management practices with organizational policies and regulatory requirements.
•Coordinate with Key stakeholders to conduct investigations of cyber incidents or other security incidents utilising various tools and sources to reverse engineer malware and identify attack vectors to provide an accurate account.
•Conduct regular reviews of Defender and Purview configurations to identify misconfigurations, enforce best practices, and mitigate security risks.
•Intelligence driven investigative analysis, Define and coordinate cyber incident response testing to assess capabilities and breach preparedness
•Creation and maintenance of forensic and incident management policies that govern the handling of incidents
•Conduct research on the latest threats and the latest technological advancements in combating unauthorized access to information
•Perform threat hunting within the corporate environments to detect historic or active malicious/unauthorised activity
•Publish official reports and executive summaries for all major cyber incidents
•Identify and create appropriate controls within the SIEM and other security solution to prevent and detect security incidents
•Develop innovative monitoring and detection solutions using tools and advanced scripting
•Engages with other internal and external parties to get and share information to improve processes and security posture
•Carry detailed forensic analysis during a major incident response.
•Support the wider analyst team with deeper analysis of complex security events and incidents.
Requirements For ASuccessful Application:•Passionate and Professional security mind set
•Strong customer service skills to follow-up with clients and handle escalations
•Capability to ensure confidentiality and discretion in performing sensitive tasks
•Possesses an understanding of cyber-attack techniques, vulnerabilities, and countermeasures
•Technical knowledge of Information Technology and Cyber Security standards
•Expert knowledge of SIEM platforms, IT Forensics and real-time endpoint inspection tools
•Previous experience in handling Incident Response and Forensic analysis
•Understanding of MITRE ATT&CK framework
•Simulation of active exploits and detection
•Strong understanding of SIEM and UEBA
•Strong knowledge of scripting languages such as Python, Powershell.
•Working knowledge of cloud technologies
•Working knowledge on Forensics tools such as Encase, Sleuth kit, Redline & FTK Imager
•3-4 years of experience in the information security field
•2+ years of experience in incident handling
•1+ year of experience in forensic
•Education: Bachelor's Degree or equivalent preferably
Others:We are committed to creating an inclusive and supportive work environment.
If you require any reasonable adjustments during the application or interview process, please let us know, and we will work with you to meet your needs
#eirforall
#J-18808-Ljbffr