Trách nhiệm công việc
Troubleshooting: Perform basic response actions under supervision, such as disabling compromised accounts, blocking malicious IPs, or containing suspicious activities; Support efforts to reduce false positives by fine-tuning detection rules and alert configurations.
Threat Monitoring: Actively monitor Microsoft Sentinel for security alerts and identify potential threats to the organization's environment; Evaluate and prioritize security events based on severity and potential impact; Detect suspicious behaviors and patterns using event logs, network data, and other security tools.
Incident Reporting: Escalate verified security incidents to Level 2 analysts or the Incident Response team, providing detailed contextual information; Collaborate with cross-functional teams to mitigate security risks effectively; Maintain communication with stakeholders to ensure timely updates during incidents.
Continuous Improvement: Stay informed on cybersecurity trends, vulnerabilities, and emerging threats; Participate in training programs to deepen your understanding of tools, techniques, and best practices; Contribute to the refinement of SOC processes and playbooks.
Kỹ năng & Chuyên môn
Development Tools: Familiarity with Microsoft Sentinel and other SIEM tools.
Security: Knowledge of cybersecurity principles, common threat types, and attack methods.
Problem Solving: Ability to analyze log data, correlate events, and identify suspicious activities; Strong analytical thinking and attention to detail.
Communication: Effective written and verbal communication skills to convey findings clearly.
Teamwork: Team-oriented mindset with a willingness to learn and grow.
Adaptability: Ability to multitask and adapt in a fast-paced environment.
Industry Knowledge: Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience); Preferred: CompTIA Security+, Microsoft Certified: Security Operations Analyst Associate, or equivalent entry-level cybersecurity certifications.
Hands-On Experience: 0–2 years of experience in a cybersecurity, IT support, or related technical role; Hands-on experience with basic troubleshooting and security tools is a plus.
Networking Basics: Basic understanding of networking protocols (TCP/IP, DNS, VPNs) and operating system fundamentals.
