SOC Investigator

Description

Provide 24/7 visibility, proactive threat detection, rapid investigation, and continuous threat hunting. The SOC is the front line of defense and the backbone of security operations.

Responsibilities

  • Conduct full incident investigations on medium- and high-severity events
  • Correlate telemetry from multiple sources (EDR, network, IAM, logs)
  • Coordinate with response teams for containment and remediation
  • Perform root-cause and impact analysis

Requirements

  • Deep understanding of attacker lifecycle and kill chain
  • Memory forensics and host artifact analysis
  • Packet capture and traffic analysis
  • Scripting for enrichment and automation

Tools & Platforms

  • EDR / SOAR platforms
  • Volatility / FTK – memory analysis
  • Wireshark – network inspection
  • Threat Intel platforms – enrichment & pivoting
