Primary responsibilities include:
Analyse network, application and system events in order to identify potential security
incidents and raise tickets as required.
Perform and lead proactive analysis from knowledge of current threats and trends within
Provide input into the training and development plans as required
Ensure all operation incidents, ongoing tickets and relevant information are logged into the
HOTO and the information is distributed accordingly
Ensure all tickets are quality checked prior to release to the regional contacts
Provide continuous SME support, updates and recommendations for ongoing incidents
being handled by the SOC
Support shift training, user awareness and mandated security education as required or
specified and promote additional professionalization within the Level 1 analysts.
Produce operational reporting as required to support regional and internal information
exchanges and briefing requirements
Maintain a broad and current understanding of evolving threats and vulnerabilities as
applicable to the client estate and marketplace
Continually assess and maintain the Client's SOC documentation set and use-cases to
maintain a high standard of excellence within the service and ensure ongoing service
Secondary responsibilities include:
Deputise for the Level 3 Analyst as required
Assist the SOC Operations Manager and Level 3 Analyst to recruit and retain a functional
SOC team as required
Windows Server Administration (Server 2008 – 2016) – Specifically Domain Controller
management (AD/Security Administration/AD Connect/Group Policies/DNS) for a multi-site
multi-domain replication setup.
Windows Certificate Authority management.
Perform other essential duties as required
ESSENTIAL SKILLS & EXPERIENCE
Essential skills & experience include:
Demonstrable experience in Cyber Operations, including monitoring, incident response &
handling, threat detection and threat intelligence
SIEM, IDS and general security tooling experience (Ideally Splunk, Palo Alto, SkyBox or
Excellent communication skills
Mentoring and coaching
Knowledge of Palo Alto Administration (Implementation, Configuration and
API/Automation) is a plus.
DESIRABLE SKILLS & EXPERIENCE
Desirable skills & experience include:
SANS 401/501/504/511 or similar
EC-Council CEH or CHFI