About You
- You’re a Critical Thinker: You can quickly assess security alerts and incidents, prioritizing actions based on risk and impact.
- You’re Detail-Oriented: Your ability to dig deep into network traffic, security logs, and threat intelligence helps identify and mitigate potential threats before they escalate.
- You Have a Strong Security Mindset: Passionate about maintaining confidentiality, integrity, and availability, you’re committed to protecting information systems from advanced threats.
- You Work Well Under Pressure: You thrive in fast-paced, high-stakes situations, ensuring that incidents are handled with precision and care.
- You Communicate Clearly: Whether in documentation, escalation, or direct communication with team members and customers, you excel in conveying technical issues in a clear, actionable manner.
- You Embrace Continuous Learning: You’re always growing your skill set and adapting to new challenges and security practices to stay ahead of emerging threats.
- You’re Passionate About Process Improvement and Mentoring: You actively seek opportunities to enhance workflows, improve team efficiency, and mentor others, sharing your knowledge to elevate the entire team’s performance.
Things You’ll Do
- Monitor and Respond to Alerts: Analyze and respond to security events, including alerts from SIEMs, firewalls, IDS/IPS, and anti-virus software, ensuring quick and effective action.
- Escalate and Triage Incidents: Act as an escalation point for first responders, ensuring that incidents are properly documented, analyzed, and escalated as needed.
- Investigate Security Threats: Use a variety of security tools to identify, assess, and remediate threats within customer environments, including investigating network traffic, endpoint logs, and event histories.
- Implement Security Measures: Take action to mitigate attacks, such as implementing IP blocks in firewalls and analyzing network traffic to reduce the attack surface.
- Provide Analytical Support: Utilize tools like Wireshark and tcpdump to analyze and characterize network traffic, identifying potential security threats and vulnerabilities.
- Collaborate with Teams: Work closely with other security professionals to correlate threat data, validate alerts, and contribute to the overall improvement of incident response and security practices.
- Create and Improve Documentation and Mentor Others: Document incident details, lessons learned, and opportunities for process improvement to ensure continuous enhancement of our security posture.
What You Bring
- Education & Experience: Bachelor’s degree or 3-5 years of experience in a SOC or similar IT security role, with a strong understanding of network protocols and security concepts.
- Technical Skills: Experience with SIEM tools, firewalls, IDS/IPS systems, anti-virus software, and security management tools. Hands-on knowledge of network traffic analysis tools such as Wireshark and tcpdump is a plus.
- Certifications: CompTIA Security+, Network+, Linux+, or SANS GIAC GSEC, GCIH, or equivalent certifications are preferred.
- Hands-On Experience: Familiarity with various operating systems (UNIX, Linux, Windows) and the ability to interpret security logs and system data from different platforms.
- Security Knowledge: Solid understanding of incident response procedures, security tools, and common vulnerabilities, as well as industry standards and best practices.
If you're ready to join a dynamic team and play a crucial role in the fight against cyber threats, we want to hear from you! Help shape the future of cybersecurity at Digital Hands.