SOC Analyst

The SOC analyst is part of KL SOC team engaged in continues security monitoring, incident response and cyber threat hunting.

Principle Responsibilities

• Analyze security events from endpoints (Windows, Mac, Linux), Network IDS, Web-proxies, Mail-gateways, Active Directory infrastructure

• Detect and investigate information security incidents

• Propose Incident response actions and remediation plan.

• Identification of potential vectors of attacks, develop detection methods of these attacks by existing technological solutions

• Adjust detection logic to fit Customer needs (filter out false positives, customize correlation rules, etc)

• Communicate with Customers regarding detected incidents and suspicious activities.

Mandatory skills

• Practical experience in the identification and investigation of information security incidents, development of recommendations to prevent similar incidents in the future

• Understanding of the methods, tools and processes to respond to information security incidents

• Experience in network traffic and log-files analysis from various sources

• Knowledge of current threats, vulnerabilities, typical of attacks on information systems and tools to implement them, as well as methods for their detection and response

• Knowledge of network protocols, the architectures of modern operating systems and information security technologies

Other requirements

• Experience in work with ELK stack is welcome

• Certifications (Offensive Security, GIAC) are welcome