Job Summary
The Security Operations Center (SOC) Analyst Level 2 position is assigned to the Enterprise Information Security team. The primary purpose of this position is to help monitor and report on cyber incidents impacting NetApp, as well as analyse security events detected by the L1 analysts. This position involves critical duties and responsibilities that must continue to be performed during crisis situations and contingency operations, which may necessitate extended hours of work.
Job Requirements
Knowledge of various security methodologies and processes, and technical security solutions (SIEM, firewall and intrusion detection/prevention systems)
Knowledge of TCP/IP Protocols, network analysis, and network/security applications
System and/or network administrator skills in a cloud environment
Knowledge of common Internet protocols and applications
Ability to multi-task, prioritise, and manage time effectively
Strong attention to detail
Excellent interpersonal skills and professional demeanour
Excellent verbal and written communication skills
Excellent customer service skills
Proficient in Microsoft Office applications
SQL knowledge highly desirable
Knowledge of malware reverse engineering
CEH, GCIA, GCIH, GCFA, GCFE or other related certifications are good to have
Key Responsibilities
Responsible for working in a 24x7 Security Operations Center (SOC) environment
Review the latest alerts to determine relevancy and urgency
Review security trouble tickets
Should be ready to work during night shift (06:00 AM to 3:00 PM, 2:00 PM to 11:00 PM, or 10:00 PM to 7:00 AM)
Leverage emerging threat intelligence (IOCs, updated rules, etc.) to identify affected systems and the scope of the attack
Review and collect asset data (configs, running processes, etc.) on these systems for further investigation.
Investigate alerts from SIEM, EDR, XDR and other security tools across physical and cloud environments.
Determine and direct remediation and recovery efforts of security incidents.
Provide analysis and trending of security log data from many heterogeneous security devices
Provide threat and vulnerability analysis as well as security advisory services
Analyse and respond to previously undisclosed software and hardware vulnerabilities
Investigate, document, and report on Information Security issues and emerging trends
Coordinate with L2, L3, and IR analysts on activities impacting NetApp
Integrate and share information with other analysts and other teams
Comply with and update SOC Run Books, as needed
Actively participate in and guide the team in threat hunting activities
Education
Requires a minimum of 7 years of related experience with a Bachelor's degree; or 2 years and a Master's degree; or a PhD without experience; or equivalent work experience.
Minimum of 5 years' experience as a Security/Network Administrator or equivalent knowledge.