CISOC Analyst

MINIMUM POSITION QUALIFICATION REQUIREMENTS

Academic and Professional

Education

• Bachelor’s Degree BSc. Information Technology / Computer Science / Cybersecurity / Engineering (Electrical, Electronic) or related field RQ
  

Professional Certifications

Information security certifications including, but not limited to:

• Certified SOC Analyst (CSA)
  
• Certified Incident Handler (E|CIH)
  
• Certified Threat Intelligence Analyst (CTIA)
  
• Certified Information Systems Security Professional (CISSP)
  
• Certified Ethical Hacker (CEH)
  
• PENTEST+
  
• Security+
  
• Certified Information Systems Auditor (CISA)
  
• Certified Information Security Manager (CISM) AA
  

Particulars Detail Specific Field or Qualification Need Type

• Any SIEM certification such as those from Splunk, IBM QRadar, LogRhythm, ArcSight, AlienVault, etc. AA
  
• Any vendor-specific information security certification such as those from Palo Alto, Cisco, etc. AA
  
• Master’s Degree MBA / MSc Cybersecurity / Information
  
• Systems Security / IT Security / IT AA
  

Experience

• Total Minimum Number of Years of IT Experience Required 3
  

Detail Minimum No. of Years Need Type

• Experience in Cybersecurity 2 ES
  
• Experience in System/ Network/ Database or
  
• Cloud Platform Administration, or Application Development 1 DE
  

• Monitor user and system activity to identify suspicious activities leveraging on security systems.
  
• Monitor network activity and investigate anomalous events and traffic trends
  
• Check security monitoring status of systems on monitoring tools and initiate remediation of noted gaps.
  
• Monitor alerts and alarms from security monitoring tools and initiate corrective actions
  
• Configure and finetune security monitoring systems to make sure the Bank is sufficiently protected
  
• Administer security tools ensuring optimal uptime and resource utilization
  
• Investigate suspicious user and system events and identify breaches and root cause.
  
• Mitigate intrusion attempts through proactive response to incidents.
  
• Prepare manual and scheduled reports for various stakeholders
  
• Research and stay up to date on technology and cybersecurity trends
  

DAILY RESPONSIBILITIES

• Monitor event logs from various systems (firewalls, email, web and DNS, databases, etc) to identify suspicious activities for attacks, intrusions, and unusual, unauthorised, or illegal activity.
  
• Perform incident drilldowns and investigations and escalate validated incident to designated incident response teams.
  
• Follow up on security incidents with relevant support teams and ensure timely resolution.
  
• Administer the performance, resource utilisation and overall health of the Bank’s security monitoring tools.
  
• Prepare and circulate SOC management reports and dashboards.