Security Operations Center(SOC) Specialist Tier 1

Job description

About Snapp

Snapp is the pioneer provider of ride-hailing mobile solutions in Iran. It connects smartphone owners who need a ride to Snapp drivers who use their private cars, offering transportation services. We are ambitious, passionate, engaged, and excited about pushing the boundaries of the transportation industry to new frontiers and be the first choice of each user in Iran.


About the Role

As a SOC Tier1 Specialist in Snapp, you will be working on security log monitoring and analyzing, escalating, reporting, documenting, and more.


Responsibilities

  • Monitoring security events on a real-time basis
  • Handling security incidents on the least time
  • Alarm Handling and Escalation
  • Documentation and Reporting

Requirements

  • At Least two years of experience in the required job position
  • Ability to work any shift pattern within the 24/7/365 operation, including days, nights, holidays, and weekends.
  • CEH, SANS 504
  • Familiarity with one of the following:
  1. NIST Incident Response Lifecycle
  2. Cyber Kill Chain
  3. Adversarial Tactics
  4. Techniques & Common Knowledge (ATT&CK).
  • Experience to work in the following teams:
  1. Computer Incident Response Team (CIRT)
  2. Computer Emergency Response Team (CERT)
  3. Computer Security Incident Response Center (CSIRC)
  4. Security Operations Center (SOC)
  • Strong ability to diagnose server or network alerts, events, or issues
  • Understanding of common information architecture frameworks
  • Excellent time management and organizational skills, and ability to handle multiple concurrent tasks
  • Good oral and written communication skills and ability to address conflict with others constructively
  • Experience with Disaster Recovery plans and related technologies Ability to work a flexible schedule
  • Experience with (SIEM) Systems "preferably ELK," Anti-Virus, IDS, Firewalls, Active Directory, and large Enterprise or Cloud environments.
  • Experience with Incident Response, analysis of network traffic, log analysis, ability to prioritize and differentiate between potential intrusion attempts and false alarms, managing and tracking investigations to resolution