Duties:
- Detection and investigation of information security incidents
- Threat hunting based on endpoint and network telemetry
- Incident response recommendations
- Communication with customers on detected security incidents
- Adjusting detection logic to fit customer needs (filtering out false positives, customizing correlation rules, etc.)

Technical skills:
- Practical experience in identifying and investigating information security incidents and developing recommendations to prevent similar incidents in the future.
- Understanding of the methods, tools and processes used to respond to information security incidents.
- Experience in analyzing network traffic and log files from various sources.
- Knowledge of modern operating system architecture (Windows, Linux, macOS) and of typical enterprise IT infrastructures.
- Knowledge of current threats, adversary tactics and techniques (see MITRE ATT&CK, https://attack.mitre.org/matrices/enterprise/), vulnerabilities, typical attacks on information systems and the tools used to carry them out, as well as methods for detecting and responding to them.
- Knowledge of network protocols used in enterprise networks, mostly at the application layer of the OSI model.
- Experience in scripting (PowerShell, Python).
- Experience working with the ELK stack (https://www.elastic.co/products) is welcome.

Other skills:
- Analytical skills, attention to detail and accuracy.
- Ability to work in a team.
- Initiative.

Security Operations Center Analyst (L1-L2, Operations)