Description
Wallex is a leading crypto exchange company. We are seeking a skilled and motivated SOC Analyst to join our SOC team. This is an operational role focused on monitoring our security posture, detecting, analyzing, and responding to security incidents and threats to protect our mission-critical services. As part of a high-performance fintech environment, you will play a key role in our daily cyber defense operations, threat detection, and incident response readiness across physical, virtual, and cloud platforms. If you're passionate about cyber defense, alert analysis, incident investigation, threat hunting, and contributing to robust security solutions, we’d love to hear from you.
Responsibilities
- Monitor security dashboards and alert queues, performing initial triage and escalation of security events.
- Effectively utilize the security monitoring and detection infrastructure, including SIEM (Splunk, ELK Stack), IDS/IPS, and Endpoint Detection and Response (EDR) tools for daily operations.
- Operate and fine-tune security tools, ensuring data quality and alert efficacy. Contribute to the development and refinement of detection rules, dashboards, and reports within the SIEM.
- Analyze security alerts, conduct in-depth investigations of potential security incidents using available tools and logs, and manage the incident response lifecycle for assigned events.
- Conduct initial digital forensics and incident response (DFIR) activities for confirmed incidents, including evidence collection and preliminary analysis.
- Proactively hunt for threats and anomalies within the network, endpoint, and cloud data.
- Execute and contribute to the refinement of security incident response plans, playbooks, and procedures.
- Monitor and analyze logs from various sources (e.g., firewalls, servers, network devices, applications, cloud services) to identify malicious activity.
- Collaborate with IT, DevOps, Network, and Application teams on security incident resolution and vulnerability remediation.
- Document security incidents, investigation findings, and procedures clearly and thoroughly.
- Stay current with emerging threats, vulnerabilities, security analysis best practices, and new technologies.
Requirements
- 3-5 years of experience in a Security Operations Center (SOC), cybersecurity engineering, or incident response role.
- Strong hands-on experience using SIEM solutions (Splunk and/or ELK Stack) for analysis, searching, and reporting. Experience with data ingestion concepts and developing basic dashboards or reports is a plus.
- Proficiency in analyzing alerts from IDS/IPS solutions and understanding their typical configurations.
- Solid experience using Endpoint Detection and Response (EDR) tools for investigation and response.
- Deep understanding of common attack vectors, cyber threat intelligence, and incident response methodologies (e.g., the NIST SP 800-61 incident handling lifecycle).
- Good understanding of network protocols (TCP/IP, DNS, HTTP/S), network architecture, and security implications. Experience analyzing logs from firewalls, routers, and switches.
- Familiarity with operating system security (Windows, Linux), virtualization security concepts, and container security.
- Excellent analytical, problem-solving, and investigative skills.
- Strong documentation and communication capabilities, with the ability to articulate technical findings and issues clearly.
- High attention to detail, strong security awareness, and a proactive, analytical mindset.
- Ability to work effectively in a team and under pressure.
- Demonstrable Digital Forensics and Incident Response (DFIR) skills and understanding of relevant processes.
Nice to Have
- Experience with configuration management and infrastructure automation tools (e.g., Ansible, Terraform) and scripting languages (Python, Bash) for automating repetitive analytical tasks.
- Experience with SOAR platforms from an analyst perspective.
- Experience with vulnerability assessment tools and interpreting their results.
- Understanding of advanced network security architecture (e.g., zero-trust, micro-segmentation).
- Experience with disaster recovery planning and business continuity from a security perspective.
- Exposure to Infrastructure as Code (IaC) principles and Git.