The Solenis Security Analyst (SSA) has a wide variety of skills, including performing intrusion analysis, a deep understanding of the 18x5 security monitoring environment, and performing administrative tasks. The SSA is an important role Solenis’ IT Security Department. The SSA role requires defense against cyber threats by identifying and triaging security incidents. The ideal person in this role brings experience in investigating network and endpoint intrusions, as well as experience handling security incidents within the Security Operations Center (SOC).The SSA will triage event, perform escalations and coordinate incident response procedures. This role must be able to solve complex problems independently and know when to escalate issues to senior IT Security Leads and Managers. This individual will work with multiple technology platforms and interface with other groups within IT Security Operations.The Solenis Security Analyst (SSA) for the SOC will be responsible for responding to critical threats that impact information security at Solenis. This individual's role includes the following functions:
Good technical knowledge of implementing EDR policies, Rules creation, and Incident/alert management.
Good experience on security Incident response and investigation to identify the root cause of security breaches and gather evidence.
Hands-on experience in log Ingestion, Fine-tuning on reducing false positives, Event correlation, and analysis.
Hands-on experience with Automation (SOAR) and Custom KQL queries.
Develop and update incident response plans and playbooks to ensure effective handling of various types of incidents.
Develop and implement email security policies and best practices to safeguard against threats such as phishing, malware, and data breaches.
Design and enforce DLP policies and rules to prevent unauthorized data access, sharing, and transmission.
Deep technical knowledge of vulnerability management and administration
Collect and analyze threat intelligence to stay informed about emerging threats and vulnerabilities relevant to the organization.
In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, Malware investigation, web Proxy and network concepts etc.
Engage in research and development of security solutions, testing new tools and methods for potential implementation.
Creating metrics for a Security Operations Center (SOC) measuring its effectiveness and identifying areas for improvement.