SOC/NOC Specialist Tier 1

Job description

About Snapp

Snapp is the pioneer provider of ride-hailing mobile solutions in Iran. It connects smartphone owners who need a ride to Snapp drivers who use their private cars, offering transportation services. We are ambitious, passionate, engaged, and excited about pushing the boundaries of the transportation industry to new frontiers and be the first choice of each user in Iran.

About the Role

As a SOC/NOC Tier1 Specialist in Snapp, you will be working on security log monitoring and analyzing, escalating, reporting, documenting, and more.


  • Monitoring security events on a real-time basis
  • Handling security incidents on the least time
  • Alarm Handling and Escalation
  • Documentation and Reporting
  • Collaboration with the teammates in the data center and cloud teams
  • Supporting 7*24 Day/Night. (12hrs Shift, 24hrs Rest)
  • Checking all rotational monitoring system’s dashboards along the shift time and following IMP(Incident Management Process) during the incident time.
  • Active contribution in the planning and implementation phases of projects


  • At Least two years of experience in the required job position
  • Ability to work any shift pattern within the 24/7/365 operation, including days, nights, holidays, and weekends.
  • CEH, SANS 504
  • Familiarity with one of the following:
  1. NIST Incident Response Lifecycle
  2. Cyber Kill Chain
  3. Adversarial Tactics
  4. Techniques & Common Knowledge (ATT&CK).
  • Experience working in the following teams:
  1. Computer Incident Response Team (CIRT)
  2. Computer Emergency Response Team (CERT)
  3. Computer Security Incident Response Center (CIRC)
  4. Security Operations Center (SOC)
  • Strong ability to diagnose server or network alerts, events, or issues
  • Understanding of common information architecture frameworks
  • Excellent time management and organizational skills, and ability to handle multiple concurrent tasks
  • Good oral and written communication skills and ability to address conflict with others constructively
  • Experience with Disaster Recovery plans and related technologies Ability to work a flexible schedule
  • Experience with (SIEM) Systems "preferably ELK," Anti-Virus, IDS, Firewalls, Active Directory, and large Enterprise or Cloud environments.
  • Experience with Incident Response, analysis of network traffic, log analysis, ability to prioritize and differentiate between potential intrusion attempts and false alarms, managing and tracking investigations to resolution

Preferred Qualifications (optional)

  • Having prior experience with Zabbix Server would be an advantage
  • Having prior experience with Security Analyze system would be an advantage
  • Familiar with Unix-based operating systems such as Ubuntu, Centos
  • Familiar with one the programming scripting languages such as python

Having good knowledge in firewalling and network security