SOC Analyst

The SOC The soc analyst will be responsible for protecting IFZA\u2019s\ninformation systems identifying, assessing\u202fand\u202fmitigating\u202fsecurity\u202frisks.\u202fThis\u202frole\u202finvolves\u202fmonitoring,\u202fanalyzing, and\u202fresponding\u202fto\u202fsecurity\u202fincidents,\u202fimplementing\u202fsecurity\u202fmeasures,\u202fand\u202fensuring\u202fcompliance\u202fwith\u202findustry\u202fstandards\u202fand\u202fregulations.\u202fThe\u202fideal\u202fcandidate\u202fis\u202fproactive,\u202fdetail\-oriented,\u202fand\u202fpossesses\u202fstrong\u202ftechnical\u202fand\u202fanalytical\u202fskills.<\/span>
<\/span><\/p>

<\/div><\/span>

Requirements<\/h3>
Security Monitoring<\/span><\/b>
<\/span><\/p>
Monitor SIEM dashboards (e.g.,\nMicrosoft Sentinel) and security alerts in real time.<\/span>
<\/span><\/span><\/li>
Track and analyze events from\nsecurity tools (eg . Microsoft Defender)<\/span>
<\/span><\/span><\/li>
Identify suspicious activities,\nanomalies, or policy violations.<\/span>
<\/span><\/span>
<\/span><\/li><\/ul>
Incident Triage & Response<\/span><\/b>
<\/span><\/p>
Perform initial investigation\nand classification of alerts (false positive vs true positive).<\/span>
<\/span><\/span><\/li>
Collect and review logs, event\ndetails, reputation information, and indicators of compromise.<\/span>
<\/span><\/span><\/li>
Escalate confirmed or\nhigh\-severity incidents to L2/L3 analysts with proper documentation.<\/span>
<\/span><\/span><\/li>
Initiate predefined response\nactions (isolating devices, forcing password resets, blocking IPs).<\/span>
<\/span><\/span><\/li><\/ul>
<\/span>
<\/span><\/p>
Threat Analysis<\/span><\/b>
<\/span><\/p>
Check IOC hits against threat\nintelligence sources.<\/span>
<\/span><\/span><\/li>
Analyze phishing emails,\nmalware<\/span>\u202f<\/span><\/span>infections,\nmalicious URLs, attachments, credential\-harvesting attempts and<\/span> <\/span><\/span> <\/span> <\/span><\/span> <\/span> <\/span><\/span> <\/span> <\/span><\/span> <\/span> <\/span><\/span>unauthorized<\/span>\u202f<\/span><\/span>access.<\/span>
<\/span><\/span><\/li>
Identify trends across alerts\nto support early\-stage threat detection.<\/span>
<\/span><\/span><\/li><\/ul>
<\/span>
<\/span><\/p>
Documentation & Reporting<\/span><\/b>
<\/span><\/p>
Create detailed incident\ntickets and investigation notes.<\/span>
<\/span><\/span><\/li>
Conduct<\/span>\u202f<\/span><\/span>root<\/span>\u202f<\/span><\/span>cause<\/span>\u202f<\/span><\/span>analysis<\/span>\u202f<\/span><\/span>and<\/span>\u202f<\/span><\/span>document<\/span>\u202f<\/span><\/span>incident<\/span>\u202f<\/span><\/span>reports<\/span>\u202f<\/span><\/span>with<\/span>\u202f<\/span><\/span>remediation<\/span>\u202f<\/span><\/span>recommendations.<\/span>\u202f<\/span><\/span>
<\/span><\/span><\/li>
Maintain proper incident\ntimelines and updates in the ticketing system.<\/span>
<\/span><\/span><\/li>
Generate reports for repeated\nor trending issues.<\/span>
<\/span><\/span><\/li><\/ul>
<\/span>
<\/span><\/p>
Collaboration<\/span><\/b>
<\/span><\/p>
Work closely with Security Team\nand internal IT teams.<\/span>
<\/span><\/span><\/li>
Communicate effectively with\nusers to validate suspicious activities or login attempts.<\/span>
<\/span><\/span><\/li>
Follow established SOPs and\ncontribute to process improvements.<\/span>
<\/span><\/span><\/li><\/ul>
<\/span>
<\/span><\/p>
Security<\/span>\u202f<\/span><\/span>Awareness<\/span>\u202f<\/span><\/span>and<\/span>\u202f<\/span><\/span>Training<\/span><\/b>
<\/span><\/p>
Conduct<\/span>\u202f<\/span><\/span>security<\/span>\u202f<\/span><\/span>awareness<\/span>\u202f<\/span><\/span>training<\/span>\u202f<\/span><\/span>for<\/span>\u202f<\/span><\/span>employees<\/span>\u202f<\/span><\/span>to<\/span>\u202f<\/span><\/span>promote<\/span>\u202f<\/span><\/span>best<\/span>\u202f<\/span><\/span>practices<\/span>\u202f<\/span><\/span>(e.g.,<\/span>\u202f<\/span><\/span>password<\/span>\u202f<\/span><\/span>management,<\/span>\u202f<\/span><\/span>phishing<\/span>\u202f<\/span><\/span>prevention).<\/span>\u202f<\/span><\/span> <\/span><\/span>
<\/span><\/span><\/li>
Create<\/span>\u202f<\/span><\/span>and<\/span>\u202f<\/span><\/span>distribute<\/span>\u202f<\/span><\/span>educational<\/span>\u202f<\/span><\/span>materials<\/span>\u202f<\/span><\/span>on<\/span>\u202f<\/span><\/span>emerging<\/span>\u202f<\/span><\/span>cyber<\/span>\u202f<\/span><\/span>threats.<\/span>\u202f<\/span><\/span> <\/span><\/span>
<\/span><\/span><\/li><\/ul>
<\/span>
<\/span><\/p>
Threat<\/span>\u202f<\/span><\/span>Intelligence<\/span>\u202f<\/span><\/span>and<\/span>\u202f<\/span><\/span>Research:<\/span>\u202f<\/span><\/span> <\/span><\/span><\/b>
<\/span><\/p>
Stay<\/span>\u202f<\/span><\/span>updated<\/span>\u202f<\/span><\/span>on<\/span>\u202f<\/span><\/span>the<\/span>\u202f<\/span><\/span>latest<\/span>\u202f<\/span><\/span>cyber<\/span>\u202f<\/span><\/span>threats,<\/span>\u202f<\/span><\/span>vulnerabilities,<\/span>\u202f<\/span><\/span>and<\/span>\u202f<\/span><\/span>attack<\/span>\u202f<\/span><\/span>vectors.<\/span>\u202f<\/span><\/span> <\/span><\/span>
<\/span><\/span><\/li>
Analyze<\/span>\u202f<\/span><\/span>threat<\/span>\u202f<\/span><\/span>intelligence<\/span>\u202f<\/span><\/span>reports<\/span>\u202f<\/span><\/span>and<\/span>\u202f<\/span><\/span>apply<\/span>\u202f<\/span><\/span>findings<\/span>\u202f<\/span><\/span>to<\/span>\u202f<\/span><\/span>enhance<\/span>\u202f<\/span><\/span>organizational<\/span>\u202f<\/span><\/span>security<\/span>\u202f<\/span><\/span>posture.<\/span>\u202f<\/span><\/span> <\/span><\/span>
<\/span><\/span><\/li><\/ul>
<\/span>
<\/span><\/p>
Required<\/span>\u202f<\/span><\/span>Qualifications<\/span>\u202f<\/span><\/span> <\/span><\/span><\/b>
<\/span><\/p>
Bachelor\u2019s in<\/span>\u202f<\/span><\/span>engineering,<\/span>\u202f<\/span><\/span>Computer<\/span>\u202f<\/span><\/span>Science,<\/span>\u202f<\/span><\/span>or<\/span>\u202f<\/span><\/span>related<\/span>\u202f<\/span><\/span>field.<\/span>\u202f<\/span><\/span> <\/span><\/span>
<\/span><\/span><\/li>
5\-7<\/span>\u202f<\/span><\/span>years<\/span>\u202f<\/span><\/span>of<\/span>\u202f<\/span><\/span>experience<\/span>\u202f<\/span><\/span>in<\/span>\u202f<\/span><\/span>SOC\noperations.<\/span>\u202f<\/span><\/span> <\/span><\/span>
<\/span><\/span><\/li>
Minimum<\/span>\u202f<\/span><\/span>3+<\/span>\u202f<\/span><\/span>years<\/span>\u202f<\/span><\/span>hands\-on<\/span>\u202f<\/span><\/span>experience<\/span>\u202f<\/span><\/span>in<\/span>\u202f<\/span><\/span>SOC,<\/span>\u202f<\/span><\/span>blue team,<\/span>\u202f<\/span><\/span>or<\/span>\u202f<\/span><\/span>security<\/span>\u202f<\/span><\/span>engineering<\/span>\u202f<\/span><\/span>roles.<\/span>
<\/span><\/span><\/li>
Proven<\/span>\u202f<\/span><\/span>expertise<\/span>\u202f<\/span><\/span>with<\/span>\u202f<\/span><\/span>Microsoft<\/span>\u202f<\/span><\/span>Sentinel,<\/span>\u202f<\/span><\/span>Microsoft<\/span>\u202f<\/span><\/span>Defender,<\/span>\u202f<\/span><\/span>Incident<\/span>\u202f<\/span><\/span>management\nand compromised<\/span>\u202f<\/span><\/span>recovery.<\/span>\u202f<\/span><\/span> <\/span><\/span>
<\/span><\/span><\/li><\/ul>
<\/span>
<\/span><\/p>
Technical<\/span>\u202f<\/span><\/span>Skills<\/span>\u202f<\/span><\/span> <\/span><\/span><\/b>
<\/span><\/p>
Solid<\/span>\u202f<\/span><\/span>grasp<\/span>\u202f<\/span><\/span>of<\/span>\u202f<\/span><\/span>TCP/IP,<\/span>\u202f<\/span><\/span>Windows/Linux<\/span>\u202f<\/span><\/span>internals,<\/span>\u202f<\/span><\/span>AWS/Azure<\/span>\u202f<\/span><\/span>security<\/span>\u202f<\/span><\/span>primitives.<\/span>\u202f<\/span><\/span> <\/span><\/span>
<\/span><\/span><\/li>
Scripting<\/span>\u202f<\/span><\/span>for<\/span>\u202f<\/span><\/span>automation<\/span>\u202f<\/span><\/span>(Python,<\/span>\u202f<\/span><\/span>Bash,<\/span>\u202f<\/span><\/span>or<\/span>\u202f<\/span><\/span>PowerShell).<\/span>\u202f<\/span><\/span> <\/span><\/span>
<\/span><\/span><\/li>
Familiarity<\/span>\u202f<\/span><\/span>with<\/span>\u202f<\/span><\/span>MITRE<\/span>\u202f<\/span><\/span>ATTACK<\/span>\u202f<\/span><\/span>mapping<\/span>\u202f<\/span><\/span>and<\/span>\u202f<\/span><\/span>threat\-hunting<\/span>\u202f<\/span><\/span>methodology.<\/span>\u202f<\/span><\/span> <\/span><\/span>
<\/span><\/span>
<\/span><\/li><\/ul>
Certifications<\/span>\u202f<\/span><\/span>(Good<\/span>\u202f<\/span><\/span>to<\/span>\u202f<\/span><\/span>Have)<\/span>\u202f<\/span><\/span><\/b> <\/span>
<\/span><\/p>
CompTIA<\/span>\u202f<\/span><\/span>Security+,<\/span>\u202f<\/span><\/span>Microsoft\nSC\-200, CEH,<\/span>\u202f<\/span><\/span>CCNA<\/span>\u202f<\/span><\/span>or<\/span>\u202f<\/span><\/span>CCNP<\/span>\u202f<\/span><\/span>\-<\/span>\u202f<\/span><\/span>Security.<\/span>\u202f<\/span><\/span> <\/span>
<\/span><\/li><\/ul>

<\/p>

<\/div><\/span>
Benefits<\/h3>
\u2022 24 annual leave days
<\/span><\/span><\/div>
\u2022 Annual flight home<\/span>
<\/span><\/span><\/div>
\u2022 Life insurance plan<\/span>
<\/span><\/span><\/div>
\u2022 Medical insurance plan (with the option to upgrade at your own cost)<\/span>
<\/span><\/span><\/div>
\u2022 Bonus scheme (in relevant departments)<\/span>
<\/span><\/span><\/div>
\u2022 Invitations to participate in various company functions, staff events, and department team building events<\/span>
<\/span><\/span><\/div>
\u2022 Opportunities to learn, develop and grow with the organization<\/span><\/span>
<\/div><\/span>