Incident Handling & Response
Perform log analysis from different sources, investigate and escalate incidents to L2 or L3 team members
Provide communication and escalation throughout the incident as per the SOC Playbooks and escalation matrix
SIEM tool Monitoring, Triaging and Analysis of alerts and events
Network Fundamentals
Endpoint & Anti-Virus
O365 Security & Compliance
Azure Active Directory
SNOW Ticketing system
Proxy Tools working knowledge
TrendMicro Endpoint Security knowledge
Fundamentals of Cyber Kill Chain & MITRE ATT&CK
Understanding of TCP/IP and NetFlow traffic analysis
Knowledge of types of Attacks and Containment Actions
Knowledge of SIEM Platforms
Potential phishing investigation & malware email analysis
Monitor and analyze security alerts in SIEM platform
Monitor and analyze security alerts in NTA/ETA platform
Monitor and analyze security alerts in UAB platform
Monitor, gather information on and report IT security incidents, and provide regular activity reports
Working on SNOW ticketing tool
Follow SOC Playbooks and escalation matrix
Monitor security controls and ensure their operational effectiveness and availability