- Provides deep dive investigation into a lower volume of more complex attacks, often multi-stage attacks conducted by human attack operators. - Escalation point of Level 1 analysis of alerts and incidents and provide further investigation if necessary - Monitoring of alert and downstream dependencys health - Provides context and insights to support all other functions using a threat intelligence platform (TIP) - Uses threat intelligence to initiate investigations and identify malicious activity - Responsible for assessing IT security infrastructure according to the latest threat intelligence to determine unexpected or stealthy means of network entry. - Provides the necessary technical trainings to the SOC team - Provides transactional technical support to CyberQ Group on other services being offered to clients which includes pre-sales activities and documentations, etc. - Responsible for auditing client incident reports to ensure quality SOC alerting and investigation - Performs fine-tuning of rules in SIEM - Administration of SIEM platform and automations - Provides assistance when needed to other parts of the operations - Primarily responsible for Incident Response Services as First Responder - Provides support on Transactional Consultancy Services such as Incident Response, Human Reconnaissance and Cybersecurity Awareness Training and Vulnerability Management - Ensures quality reports and deliverables to client - Provides technical trainings, security awareness training as required. - Will work with the SOC Manager for continuous improvement within the operationsDesired skills- Must have the analytical and critical thinking skills to examine security flaws and design robust network security and strategies recommendations.- Must stay up to date with the latest technologies and developments and adopt self-teaching practices to ensure they are up to date with changes in the industry.- Must work closely with their team and other security professionals. He/she must have the ability to share information with all team members concisely and effectively.- The analyst must also be able to effectively handle pressure. The ability to work under pressure during incidents and meet timelines for regular security audits is essential.Main Requirement - 100mbps