Essential Duties and Responsibilities:
Security Operations Support
Monitor security alerts and incidents using tools such as SIEM, endpoint protection platforms, intrusion detection/prevention systems, and user behavior analytics.
Analyze security events to determine the level of risk and escalate incidents as needed.
Assist in managing malware defenses, endpoint protection, and boundary defense systems (e.g., firewalls, network segmentation).
Support identity and access management processes, ensuring adherence to the principle of least privilege.
Conduct routine monitoring of email and web protection systems to identify potential threats.
Bachelor’s degree in information technology, cybersecurity, or a related field (or equivalent experience).
1–3 years of experience in IT, cybersecurity, or a related area is preferred but not required.
Good knowledge of basic network protocols, such as TCP/IP, UDP, DNS, HTTP/S, and SSH.
Fundamental knowledge of SIEM/SOAR platforms, including query languages, event correlation rules, reporting, and log stream analysis.
Understanding of common Tactics, Techniques, and Procedures (TTPs) as outlined in the MITRE ATT&CK Framework.
Familiarity with common attack vectors, such as malware, phishing, and ransomware.
Basic understanding of firewall capabilities, IDS/IPS, and next-generation antivirus solutions.