Job description

The SOC The soc analyst will be responsible for protecting IFZA’s information systems identifying, assessing and mitigating security risks. This role involves monitoring, analyzing, and responding to security incidents, implementing security measures, and ensuring compliance with industry standards and regulations. The ideal candidate is proactive, detail-oriented, and possesses strong technical and analytical skills.

Security Monitoring

• Monitor SIEM dashboards (e.g., Microsoft Sentinel) and security alerts in real time.
• Track and analyze events from security tools (eg . Microsoft Defender)
• Identify suspicious activities, anomalies, or policy violations.

Incident Triage & Response

• Perform initial investigation and classification of alerts (false positive vs true positive).
• Collect and review logs, event details, reputation information, and indicators of compromise.
• Escalate confirmed or high-severity incidents to L2/L3 analysts with proper documentation.
• Initiate predefined response actions (isolating devices, forcing password resets, blocking IPs).

Threat Analysis

• Check IOC hits against threat intelligence sources.
• Analyze phishing emails, malwareinfections, malicious URLs, attachments, credential-harvesting attempts andunauthorizedaccess.
• Identify trends across alerts to support early-stage threat detection.

Documentation & Reporting

• Create detailed incident tickets and investigation notes.
• Conductrootcauseanalysisanddocumentincidentreportswithremediationrecommendations.
• Maintain proper incident timelines and updates in the ticketing system.
• Generate reports for repeated or trending issues.

Collaboration

• Work closely with Security Team and internal IT teams.
• Communicate effectively with users to validate suspicious activities or login attempts.
• Follow established SOPs and contribute to process improvements.

SecurityAwarenessandTraining

• Conductsecurityawarenesstrainingforemployeestopromotebestpractices(e.g.,passwordmanagement,phishingprevention).
• Createanddistributeeducationalmaterialsonemergingcyberthreats.

ThreatIntelligenceandResearch:

• Stayupdatedonthelatestcyberthreats,vulnerabilities,andattackvectors.
• Analyzethreatintelligencereportsandapplyfindingstoenhanceorganizationalsecurityposture.

RequiredQualifications

• Bachelor’s inengineering,ComputerScience,orrelatedfield.
• 5-7yearsofexperienceinSOC operations.
• Minimum3+yearshands-onexperienceinSOC,blue team,orsecurityengineeringroles.
• ProvenexpertisewithMicrosoftSentinel,MicrosoftDefender,Incidentmanagement and compromisedrecovery.

TechnicalSkills

• SolidgraspofTCP/IP,Windows/Linuxinternals,AWS/Azuresecurityprimitives.
• Scriptingforautomation(Python,Bash,orPowerShell).
• FamiliaritywithMITREATTACKmappingandthreat-huntingmethodology.

Certifications(GoodtoHave)

• CompTIASecurity+,Microsoft SC-200, CEH,CCNAorCCNP-Security.