Cyber Security Operation Center Analyst

Job Description:

• Operating within a 24/7/365 Security Operation Center, working day/night shift pattern.
• Respond to cybersecurity events and incidents caused by internal and external threats to our clients, coordinate response activities with various stakeholders, and recommend mitigation strategies in an accordance with contracted Service Level Agreements.
• Handle incidents as defined in playbooks and standard operating procedures, and advise on remediation actions,
• Identify and design use case algorithms using framework standards (e.g., MITRE ATT&CK, NIST, Cyber Kill Chain).
• Present reports and produce communications, e-blasts and other forms of communication that may be both internal and client facing, to include leadership and executive management.
• Draft root cause analysis reports and recommendations after cybersecurity incidents
• Identify risk areas that will require vulnerability prevention.
• Stay current with Security technologies and make recommendations for use based on business value.
• Coding Knowledge in Scripting & programming languages (such as Java, Bash, Python, PowerShell, etc.) to use these skills to aid in responding to incidents involving Windows, Linux, and Mac hosts, as well as automate common analytical processes to reduce analyst time and avoid repetitive incident response tasks,
• Understanding of cloud environments and their security controls, microservices architectures & distributed Platforms especially in the SaaS businesses, global frameworks and standards like NIST, ISO 27001/27002/27017/ 27018, GDPR, etc.
• An Information Security qualification or evidence of starting to work toward CompTIA Security+/Network+, SANS GCIA, GSOC, GMON, GCFA, GCFE, GREM or similar certification.

Qualifications:

• Bachelor’s Degree in Computer Science, Computer Engineering, Information Security, Criminal Justice, or a related field,
• Have a minimum of 1 year of direct experience working in a Security Operations Center and/or Incident Response role.
• Able to reside in Istanbul or Ankara.
• Experience working in an industry standard Security Operations Center or similar environment providing incident handling and response, intrusion detection, analysis, cyber threat intelligence, threat determination, and mitigations processing and tracking, working with several network and system security technologies to include data analytics platforms, endpoint tools, network technologies and SIEMs.
• Knowledge of incident response processes, and threat intelligence cycles, including understanding of IP network traffic, security vulnerabilities, different exploitation techniques, and malware behaviors (including communications protocols).
• Proficiency in correlation and alerting rule creation, packet analysis, encryption and obfuscation techniques, malware handling and analysis, digital forensics, indicator of compromise (IOC) management, network flow data, advanced endpoint security technologies and big-data parsing/querying.
• Experience assessment threats derived from different intakes to include security technology alerts, user reported tickets, and other internal SOC organizations.
• Knowledge of linux command line, powershell, common scripting languages and regular expression (regex).
• Knowledge of the cyber threat landscape to include different types of adversaries, campaigns, and the motivations that create them.
• Possess the ability to employ critical and analytical thinking, as well as attention to detail.
• Positive attitude with strong oral and written communication skills.
• Demonstrate a high degree of integrity, initiative, energy and endurance, willingness to learn.

To access our employee clarification text:

https://www.turktelekomkariyer.com/aydinlatma-metni.aspx