Job responsibilities:
Responsible for triaging operating-system-related cyber security incidents as a second-line member of the Security Operations Center incident responders' team.
Performs deep-dive incident analysis by correlating data from various sources; determines whether a critical system or data set has been impacted; advises on remediation; provides support for new analytic methods for detecting threats.
· Proactively monitoring the operating systems alert queue using multiple tools, such as SIEM, EDR and custom-built system monitoring tools.
· Conducting triage of alerts to identify potential false positives, policy violations, intrusion attempts and compromises at the system level.
· Consolidating data from alert triage to provide the context necessary to escalate to a Tier 3 Analyst.
· ...