eTeam
We are looking for a proactive and analytical Security Operations Center (SOC) Analyst to join our AI-driven threat detection and incident response team. The ideal candidate will be experienced in monitoring, analyzing, and responding to security threats using both traditional methods and modern AI-powered tools.
Key Responsibilities:
Monitor and analyze security alerts from various sources including SIEMs, EDRs, and AI/ML platforms. Use AI/ML-based tools to identify, triage, and respond to cyber threats in real time. Investigate security incidents and perform root cause analysis. Collaborate with threat intelligence, incident response, and engineering teams to mitigate risk. Continuously refine detection rules and use case development. Maintain and enhance runbooks and incident response processes. Provide regular reporting on SOC metrics and security events. Qualifications: Bachelor's degree in Cybersecurity, Computer Science, or a related field. 2+ years of experience working in a SOC environment. Experience with SIEM platforms (e.g., Splunk, QRadar, LogRhythm) and EDR tools (e.g., CrowdStrike, SentinelOne). Familiarity with AI/ML technologies used in threat detection (e.g., Darktrace, Vectra AI, Microsoft Defender for Endpoint). Strong knowledge of MITRE ATT&CK framework and incident response lifecycle. Relevant certifications such as CEH, GCIA, GCIH, or CompTIA CySA+ are a plus.
Key Responsibilities:
Monitor and analyze security alerts from various sources including SIEMs, EDRs, and AI/ML platforms. Use AI/ML-based tools to identify, triage, and respond to cyber threats in real time. Investigate security incidents and perform root cause analysis. Collaborate with threat intelligence, incident response, and engineering teams to mitigate risk. Continuously refine detection rules and use case development. Maintain and enhance runbooks and incident response processes. Provide regular reporting on SOC metrics and security events. Qualifications: Bachelor's degree in Cybersecurity, Computer Science, or a related field. 2+ years of experience working in a SOC environment. Experience with SIEM platforms (e.g., Splunk, QRadar, LogRhythm) and EDR tools (e.g., CrowdStrike, SentinelOne). Familiarity with AI/ML technologies used in threat detection (e.g., Darktrace, Vectra AI, Microsoft Defender for Endpoint). Strong knowledge of MITRE ATT&CK framework and incident response lifecycle. Relevant certifications such as CEH, GCIA, GCIH, or CompTIA CySA+ are a plus.