• Bachelor’s degree in information technology, Computer Science, Computer Information System, Cyber Security, Cyber Forensic or any equivalent field.
  
• Familiarity with industry standards and regulations (e.g., ISO 27001, NIST, etc.)
  
• Proficiency in using security tools and technologies, such as firewalls, intrusion detection systems, SIEM, and vulnerability management tools.
  
• At least three years’ post qualification experience.
  
• Ability to read and interpret raw logs from various sources (Windows Event Logs, Firewall logs, Web Proxy logs).
  
• Knowledge of common attack vectors such as Phishing, SQL Injection, Cross-Site Scripting (XSS), and Ransomware.
  
• Familiarity with the phases of the Incident Response Life Cycle (Preparation, Detection, Analysis, Containment, Eradication, and Recovery).
  

1. Real-Time Security Monitoring: Conduct continuous monitoring of the bank’s SIEM (Security Information and Event Management) and EDR (Endpoint Detection and Response) consoles to identify suspicious activity across the network.

2. Incident Triage & Classification: Perform the initial assessment of security alerts to determine their severity, validity, and potential impact on banking operations (e.g., distinguishing a false positive from a legitimate brute-force attack).

3. Phishing & Email Analysis: Investigate reported suspicious emails and potential “Business Email Compromise” (BEC) attempts targeting bank employees or customers.

4. Alert Escalation: Ensure timely and accurate escalation of verified high-priority threats to Level 2 Analysts according to the bank’s internal Service Level Agreements (SLAs).

5. Threat Intelligence Integration: Utilize internal and external threat intelligence feeds to identify known malicious IP addresses, domains, and file hashes relevant to the financial sector.

6. Documentation & Reporting: Maintain detailed logs of all alerts and actions taken within the ticketing system to ensure a clear audit trail for regulatory compliance (e.g., PCI-DSS).

7. Vulnerability Awareness: Assist in identifying systems that are missing critical security patches or are running unauthorized software that could expose the bank to risk.

8. Health Checks: Perform routine health checks on security tools and sensors to ensure the SOC has 100% visibility across all banking platforms.