SIEM Admin
I. Deploy, configure, and maintain SIEM solutions (e.g., Splunk, IBM QRadar, ArcSight).
II. Monitor and analyze security events and alerts from the SIEM system.
III. Tune SIEM rules, filters, and use cases to reduce false positives and improve detection accuracy.
IV. Integrate log sources and data feeds into the SIEM system.
V. Develop and implement SIEM dashboards and reports.
VI. Perform regular health checks and maintenance on the SIEM infrastructure.
VII. Work with other security team members to investigate and respond to security incidents.
VIII. Stay updated on the latest threats, vulnerabilities, and SIEM technologies.
IX. Document configurations, processes, and procedures.
SOC Admin
I. Manage and maintain SOC infrastructure, including servers, network devices, and security tools.
II. Ensure the availability and performance of SOC tools and technologies (e.g., SIEM, IDS/IPS, firewalls).
III. Perform regular system updates, patches, and backups.
IV. Monitor the SOC environment for hardware and software issues and resolve them promptly.
V. Support the SOC team in incident detection, analysis, and response.
VI. Develop and maintain SOC documentation, including configurations, processes, and procedures.
VII. Collaborate with IT and other security teams to enhance the overall security posture.
VIII. Stay updated on the latest security technologies and best practices.
IX. Assist in the development and implementation of SOC policies and procedures.
Security Analyst • Greater Delhi Area, India