SOC Analyst

Devsinc is looking for a passionate SOC Analyst to join our dynamic team. The SOC Analyst will serve as a key member of our cybersecurity team, responsible for monitoring, analyzing, and responding to security threats and incidents. The successful candidate will have a strong understanding of security technologies, threat analysis, and incident response.

Responsibilities:

- Monitor security event logs, network traffic, and system alerts to identify potential security threats

- Analyze and triage security alerts to determine severity and impact

- Investigate security incidents, including root cause analysis and recommendation of remediation steps

- Develop and implement incident response plans and procedures

- Collaborate with cross-functional teams to address security concerns and implement security measures

- Stay up-to-date with emerging threats, technologies, and industry best practices

- Provide security awareness training and education to employees

- Participate in the development and maintenance of security policies, procedures, and standards

Basic Requirements:

1. Bachelor/Master Degree in Information Security, Computer Science or related field
2. At least 3+ years of experience in a SOC or Cybersecurity Analyst or similar role
3. Experience with threat analysis and incident response
4. Excellent analytical and problem-solving skills
5. Strong communication and collaboration skills specifically in English
6. Relevant certifications (e.g., CompTIA Security+, CISSP, CEH)

Technical Requirements:

1. SIEM (Security Information and Event Management) systems: Such as Splunk, ELK Stack, or IBM QRadar.
2. Threat intelligence platforms: Like ThreatQuotient, Anomali, or MISP.
3. Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS): For example, Snort, Suricata, or Cisco IPS.
4. Firewall and network security management: Such as Check Point, Cisco ASA, or Fortinet.
5. Endpoint security solutions: Like Endpoint Detection and Response (EDR) tools, e.g., Carbon Black, CrowdStrike, or McAfee.
6. Vulnerability management and scanning tools: Including Nessus, OpenVAS, or Qualys.
7. Incident response and forensic analysis tools: Like EnCase, FTK, or Volatility.
8. Security orchestration and automation tools: Such as Phantom, Demisto, or Swimlane.
9. Cloud security and monitoring tools: For example, AWS Security Hub, Google Cloud Security Command Center, or Microsoft Azure Security Center.
10. Scripting languages and automation tools: Like Python, PowerShell, or Bash.
11. Ticketing and incident management systems: Such as JIRA, ServiceNow, or BMC Helix.
12. Network monitoring and traffic analysis tools: Like Wireshark, Tcpdump, or Bro.
13. Experience with Github Actions, Gitlab CI or other CI/CD systems

Nice to Have:

- Experience with cloud security and DevOps

- Knowledge of compliance frameworks (e.g., HIPAA, PCI-DSS)

- Programming skills (e.g., Python, PowerShell)

- Experience with security automation and orchestration tools