It's not just IT solutions, It's IT global know-how! Logicalis is an international multi-skilled solution provider providing digital enablement services to help customers harness digital technology and innovative services to deliver powerful business outcomes.
Our customers span industries and geographical regions; and our focus is to engage in the dynamics of our customers' vertical markets; including financial services, TMT (telecommunications, media and technology), education, healthcare, retail, government, manufacturing and professional services, and apply the skills of our 4,500 employees in modernising key digital pillars; data centre and cloud services, security and network infrastructure, workspace communications and collaboration, data and information strategies, and IT operation modernisation. We are the advocates for our customers for some of the world's leading technology companies including Cisco, HPE, IBM, CA Technologies, NetApp, Microsoft, Oracle, VMware and ServiceNow.
Logicalis employees are innovative, smart, entrepreneurial and customer centric, with a shared ambition of making Logicalis the worlds leading IT Solutions provider!
We offer speedy decision-making, opportunities for personal development, and a supportive, inclusive environment that celebrates our diversity.
Join us and become a part of something epic!
Purpose The Security Operations Centre will provide defence against security breaches and actively isolate and mitigate security risks. The Tier 1 SOC Analyst forms part of the security operations center SOC team. The SOC Team will identify, analyse and react to cyber security threats using a reliable set of processes and security technologies. The SOC Team includes the SOC Manager, SIEM Platform Manager, Case Manager, Tier 2 SOC Analysts, Tier 3 SOC Analyst, and Security Engineers. They work with IT operational teams to address security incidents and events quickly. The SOC Team will provide a critical layer of analysis needed to seek out any irregular activity that could suggest a security incident.
Job role The job role includes actively participating in the incident detection process as follows:
Act as the first responder and first line support in security events across source security systems being monitoredContinuously monitors the alert queue on a 24 X 7 shift rotation basisContinuously monitors services utilising a number of toolsetsConducts initial triage based on defined run books of alertsIdentifies potential, false positives, policy violations, intrusion attempts, security threats and potential compromisesConsolidates data through alert triage to provide necessary context prior to escalating to relevant Security Engineering Specialists to perform deeper analysis when necessaryManages customer security event & incidents and service requests via the Logicalis Optimal Services PortalIdentifies alarms by method e.g. credentials compromisedIdentifies alarms by asset classBased on the correlation rules and alarms within the SIEM and run books, identifies the potential anomaly tactic using the MITRE ATT&CK frameworkCreates initial tickets in the SIEM platform – this would be automatically created into Service NowMonitors incoming event queues for potential security incidents using the SIEM platform and defined operational proceduresPerforms a preliminary investigation of potential incidents, and escalate or close events as applicableMonitors SOC ticket (or email) queue for potential event reporting from outside entities and individual usersDocuments basic investigation results, ensuring relevant details are passed on to Tier 2 SOC Level 2 for further event analysisHandles customer calls into the SOC Support Services DeskMonitors basic security infrastructure health of security sensors and relevant source security systemsCollects data and context necessary to initiate Tier 2 or Tier 3 deeper analysis and review activitiesPerforms activities in a SOC environment that is 24x7x365 on a day/night shift rotation basis, including weekend and holiday. A specific shift cannot be guaranteed but attempts will be made to place personnel on their desired shiftPrepares Security Reports for Customers across platforms and Security ServicesRun through basic security health checklists on a daily basis to ensure security systems are running optimallyEnsure that when problems are discovered that they are solved effectively and creatively if requiredAssist senior SOC staff with operational responsibilitiesCompetencies & experience required 1 year experience in IT Infrastructure Support, and a further 1 year track record as a Tier 1 SOC Analyst in a SOCBasic knowledge of networks technologies (protocols, design concepts, access control)Basic knowledge of security technologies (firewalls and endpoint protection)Basic IT infrastructure technical and problem-solving skillsGood communication skills, both written and oralTeam playerAnalytical skillsReport writing skillsEducation required Grade 12Degree or Diploma in Computer TechnologyCompTIA A+, N+ S+Microsoft Azure Security related certificate.
#J-18808-Ljbffr