Security Operations Center Analyst

Reporting to: Head of IS Operations / CISO

Key Responsibilities:

▪ Develop understanding of bank’s technical and business environment.

▪ Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities

and distinguish these incidents and events from benign activities.

▪ Conduct research, analysis, and correlation across a wide variety of all source data sets

▪ Respond to incidents that arise inside/outside of business hours and propose security measures as per requirement.

▪ Assess the risk of escalation of incidents and coordinate with team for actions to minimize risks.

▪ Provide Daily/weekly/monthly summary reports of network events and activity relevant to cyber defense practices.

▪ Complete security incident records and register accurately.

▪ Create Knowledge based information for repeated observed activity.

▪ Explore threat intelligence feeds/portals about incident related information.

▪ Doing weekly security devices backup and basic health checkup for Security devices.

▪ Co-ordinate with the OEM/support service provider for update/upgrade or any technical Issue.

▪ Implementation and Support for SIEM solution, SIEM administration, configuration, fine-tuning, preparation of correlation

rules.

▪ Manage the infrastructures and operations such as DLP, EDR, XDR, AV, Data Security & Data Classification.

▪ Create template for Vulnerability assessment and Perform vulnerability assessment of IT infra in scope.

Required Knowledge and Skills

▪ Knowledge of computer networking concepts and protocols, and network security methodologies.

▪ Knowledge of cyber threats and vulnerabilities.

▪ Knowledge of vulnerability (information dissemination) sources (e.g., alerts advisories, errata, and bulletins).

▪ Knowledge of incident response and handling methodologies.

▪ Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity,

availability, authentication, non-repudiation).

▪ Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.

▪ Knowledge of network traffic analysis methods.

▪ Knowledge of new and emerging information technology (IT) and cybersecurity technologies.

▪ Skill in determining how a security system should work (including its resilience and dependability capabilities) and how

changes in conditions, operations, or the environment will affect these outcomes.

▪ Skill in the use of penetration testing tools and techniques.

▪ Skill in the use of social engineering techniques. (e.g., phishing, baiting, tailgating, etc.).

▪ Skill in using network analysis tools to identify vulnerabilities. (e.g., fuzzing, nmap, etc.).

▪ Skill in conducting application vulnerability assessments.

▪ Knowledge and skills of information classification and data leakage prevention tools

▪ Knowledge of and operational competence in Endpoint Security (EDR, XDR, Antivirus, etc.) products

Recommended Trainings

▪ SIEM technologies advance trainings

▪ Vulnerability management trainings

▪ Ethical hacking and penetration testing trainings

▪ EDR / XDR products trainings

Qualifications

▪ An ideal candidate should have honor’s degree in IT / Computer Science / Related discipline

▪ At least 1 to 3 years of working experience in information security operations

▪ Holding a certificate (CEH, CISSP, ISO27001, CISM, CISA, etc.) is preferred

▪ Fluent English communication skills is must (written and spoken)