The SOC Analyst will be responsible for protecting IFZA's information systems by identifying, assessing and mitigating security risks. This role involves monitoring, analyzing, and responding to security incidents, implementing security measures, and ensuring compliance with industry standards and regulations. The ideal candidate is proactive, detail-oriented, and possesses strong technical and analytical skills.
Requirements
Key Responsibilities
1. Security Monitoring
• Monitor SIEM dashboards (e.g., Microsoft Sentinel) and security alerts in real time.
• Track and analyze events from security tools (eg . Microsoft Defender)
• Identify suspicious activities, anomalies, or policy violations.
2. Incident Triage & Response
• Perform initial investigation and classification of alerts (false positive vs true positive).
• Collect and review logs, event details, reputation information, and indicators of compromise.
• Escalate confirmed or high-severity incidents to L2/L3 analysts with proper documentation.
• Initiate predefined response actions (isolating devices, forcing password resets, blocking IPs).
3. Threat Analysis
• Check IOC hits against threat intelligence sources.
• Analyze phishing emails, malware infections, malicious URLs, attachments, credential-harvesting attempts and unauthorized access.
• Identify trends across alerts to support early-stage threat detection.
4. Documentation & Reporting
• Create detailed incident tickets and investigation notes.
• Conduct root cause analysis and document incident reports with remediation recommendations.
• Maintain proper incident timelines and updates in the ticketing system.
• Generate reports for repeated or trending issues.
5. Collaboration
• Work closely with Security Team and internal IT teams.
• Communicate effectively with users to validate suspicious activities or login attempts.
• Follow established SOPs and contribute to process improvements.
6. Security Awareness and Training
• Conduct security awareness training for employees to promote best practices (e.g., password management, phishing prevention).
• Create and distribute educational materials on emerging cyber threats.
7. Threat Intelligence and Research:
• Stay updated on the latest cyber threats, vulnerabilities, and attack vectors.
• Analyze threat intelligence reports and apply findings to enhance organizational security posture.
Required Qualifications
• Bachelors in engineering, Computer Science, or related field.
• 5-7 years of experience in SOC operations.
• Minimum 3+ years hands-on experience in SOC, blue team, or security engineering roles.
• Proven expertise with Microsoft Sentinel, Microsoft Defender, Incident management and compromised recovery.
Technical Skills
• Solid grasp of TCP/IP, Windows/Linux internals, AWS/Azure security primitives.
• Scripting for automation (Python, Bash, or PowerShell).
• Familiarity with MITRE ATTACK mapping and threat-hunting methodology.
• Certifications (Good to Have)
• CompTIA Security+, Microsoft SC-200, CEH, CCNA or CCNP - Security.
Benefits
• 24 annual leave days
• Annual flight home
• Life insurance plan
• Medical insurance plan (with the option to upgrade at your own cost)
• Bonus scheme (in relevant departments)
• Invitations to participate in various company functions, staff events, and department team building events
• Opportunities to learn, develop and grow with the organization
