Security Operations Center Analyst
Job No:
HKTV661
Location:
Hong Kong
Responsibilities:
1. Security Monitoring & Incident Handling
Investigate and respond to escalated security alerts, analyze suspicious activities from various log sources, coordinate containment and remediation with users and development teams, and document findings with post-incident recommendations.
2. Monitoring System Enhancement
Optimize and expand SIEM and monitoring tools for better visibility, develop custom rules and automated workflows, and collaborate with engineering teams to ensure data collection and log integrity.
3. AI and Automation Integration
Implement AI solutions to automate analysis tasks and reduce false positives, evaluate new technologies for SOC efficiency, and create scripts for alert enrichment and response orchestration.
4. Security Assessment & Continuous Improvement
Conduct regular security assessments and vulnerability reviews, identify monitoring gaps and suggest improvements, and support exercises to enhance SOC effectiveness.
Requirements:
- More than 2 years of relevant experience in network and system operations and management
- Familiarity with security operations, incident response, and ticketing systems.
- Basic operation of the Linux operating system
- Proven experience supporting Windows, macOS, and Linux; experience supporting XDR and Elasticsearch is an advantage
- Strong analytical and problem-solving skills in information security incident handling, firewalls, and malware, network packet, and vulnerability analysis are preferred