1. Key Responsibilities:
- Monitoring and Threat Detection:
- Actively monitor Microsoft Sentinel for security alerts and identify potential threats to the organization's environment.
- Evaluate and prioritize security events based on severity and potential impact.
- Detect suspicious behaviors and patterns using event logs, network data, and other security tools.
- Incident Investigation:
- Investigate alerts to identify indicators of compromise (IOCs) such as unauthorized access, malware activity, or phishing attempts.
- Correlate data from multiple sources to build a comprehensive picture of potential security incidents.
- Document findings and maintain detailed records of all events and actions taken.
- Escalation and Collaboration:
- Escalate verified security incidents to Level 2 analysts or the Incident Response team, providing detailed contextual information.
- Collaborate with cross-functional teams to mitigate security risks effectively.
- Maintain communication with stakeholders to ensure timely updates during incidents.
- Initial Response and Remediation:
- Perform basic response actions under supervision, such as disabling compromised accounts, blocking malicious IPs, or containing suspicious activities.
- Support efforts to reduce false positives by fine-tuning detection rules and alert configurations.
- Continuous Learning and Improvement:
- Stay informed on cybersecurity trends, vulnerabilities, and emerging threats.
- Participate in training programs to deepen your understanding of tools, techniques, and best practices.
- Contribute to the refinement of SOC processes and playbooks.
2. Requirements:
- Education: Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
- Experience:
- 1-2 years of experience in a cybersecurity, IT support, or related technical role.
- Hands-on experience with basic troubleshooting and security tools is a plus.
- Certifications: Preferred: CompTIA Security+, Microsoft Certified: Security Operations Analyst Associate, or equivalent entry-level cybersecurity certifications.
- Technical Skills:
- Familiarity with Microsoft Sentinel and other SIEM tools.
- Basic understanding of networking protocols (TCP/IP, DNS, VPNs) and operating system fundamentals.
- Knowledge of cybersecurity principles, common threat types, and attack methods.
- Ability to analyze log data, correlate events, and identify suspicious activities.
- Soft Skills:
- Strong analytical thinking and attention to detail.
- Effective written and verbal communication skills to convey findings clearly.
- Ability to multitask and adapt in a fast-paced environment.
- Team-oriented mindset with a willingness to learn and grow.
3. Benefits:
- Competitive salary, commensurate with ability.
- Social insurance, health insurance, and full benefits in accordance with labor law.
- Annual leave and 13th-month salary.
- Professional, dynamic working environment.