- Company Name
- OROL Cyber Solutions
- Job Title
SOC Analyst
- Job Description
**Job Title**
SOC Analyst (Security Operations Center Analyst)
**Role Summary**
Monitors real‑time security alerts, analyzes logs and network events, and responds to cyber incidents. Provides incident investigation, documentation, and remediation recommendations while refining detection rules and processes. Works under pressure and coordinates with technical teams to contain and eradicate threats.
**Expectations**
- Rapid, accurate triage and analysis of security alerts.
- Deep understanding of attack techniques, threat intelligence, and log correlation.
- Proactive improvement of detection rules and incident response procedures.
- Clear, concise communication of findings to technical and non‑technical stakeholders.
**Key Responsibilities**
- Continuous monitoring of SIEM, EDR, IDS/IPS, firewalls, and other security tools.
- Analyze system, network, and application logs to identify malicious or anomalous behavior.
- Correlate events to detect complex attack scenarios and reduce false positives.
- Prioritize alerts according to criticality and potential impact.
- Conduct thorough incident investigations: identify origin, vector, affected assets, and scope of compromise.
- Collect and preserve evidence (logs, network captures, artifacts) for forensic and reporting purposes.
- Create detailed incident reports (scenario, indicators of compromise, remediation actions).
- Coordinate containment, eradication, and recovery activities with engineering teams.
- Execute playbooks and adapt procedures based on incident context.
- Participate in crisis exercises, simulations, and resilience testing.
- Recommend enhancements to detection rules, tools, and processes.
- Deliver training and awareness to staff on security best practices.
**Required Skills**
- Mastery of operating systems (Windows, Linux, macOS) and networking fundamentals.
- Proficiency with TCP/IP, DNS, HTTP/HTTPS and SMTP, and awareness of DDoS, MITM, and other network attacks.
- Strong log‑analysis capability for system, network, and application events.
- Hands‑on experience with SIEM, EDR, IDS/IPS, and firewall platforms.
- Scripting knowledge (Python, PowerShell, Bash) to automate analysis or response tasks.
- Familiarity with threat intelligence feeds and OSINT sources.
- Ability to document evidence, write technical reports, and present findings.
- Excellent communication, teamwork, and resilience under pressure.
- Proactive learning orientation and continuous improvement mindset.
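The responsibilities above ask for correlating events to surface attack scenarios while cutting false positives, and the skills list asks for scripting to automate that analysis. The following is an added illustration of both, not code from OROL Cyber Solutions or from this posting: a small Python correlation over constructed, syslog-style sshd lines that flags a password brute-force and escalates only when a success follows the failures from the same source. The log lines, the five-minute window, the five-failure threshold, and the rule names are assumptions chosen for the example; a real SIEM rule would tune them per environment.

```python
"""Added example (not part of the job posting): correlate sshd auth events
to detect a brute-force, and raise severity only when it ends in a login.

Sample lines, window, threshold and rule names are constructed assumptions.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Constructed sample log (not real data). Three sources:
#  198.51.100.7  six failures then an accepted root login  -> high
#  203.0.113.5   two typos then alice logs in              -> no alert
#  192.0.2.9     five failures, no success                 -> medium
SAMPLE_LOG = """\
2024-05-01T10:00:01Z host1 sshd[1001]: Failed password for invalid user admin from 198.51.100.7 port 50110 ssh2
2024-05-01T10:00:03Z host1 sshd[1002]: Failed password for root from 198.51.100.7 port 50111 ssh2
2024-05-01T10:00:05Z host1 sshd[1003]: Failed password for root from 198.51.100.7 port 50112 ssh2
2024-05-01T10:00:07Z host1 sshd[1004]: Failed password for invalid user oracle from 198.51.100.7 port 50113 ssh2
2024-05-01T10:00:09Z host1 sshd[1005]: Failed password for root from 198.51.100.7 port 50114 ssh2
2024-05-01T10:00:11Z host1 sshd[1006]: Failed password for root from 198.51.100.7 port 50115 ssh2
2024-05-01T10:00:13Z host1 sshd[1007]: Accepted password for root from 198.51.100.7 port 50116 ssh2
2024-05-01T10:01:00Z host1 sshd[1010]: Failed password for alice from 203.0.113.5 port 40001 ssh2
2024-05-01T10:01:04Z host1 sshd[1011]: Failed password for alice from 203.0.113.5 port 40002 ssh2
2024-05-01T10:01:09Z host1 sshd[1012]: Accepted password for alice from 203.0.113.5 port 40003 ssh2
2024-05-01T10:02:00Z host2 sshd[2001]: Failed password for root from 192.0.2.9 port 31000 ssh2
2024-05-01T10:02:02Z host2 sshd[2002]: Failed password for root from 192.0.2.9 port 31001 ssh2
2024-05-01T10:02:04Z host2 sshd[2003]: Failed password for root from 192.0.2.9 port 31002 ssh2
2024-05-01T10:02:06Z host2 sshd[2004]: Failed password for root from 192.0.2.9 port 31003 ssh2
2024-05-01T10:02:08Z host2 sshd[2005]: Failed password for root from 192.0.2.9 port 31004 ssh2
"""

# Matches the OpenSSH "Failed/Accepted password" message shape used above.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<outcome>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)


def parse_line(line):
    """Return a normalized event dict, or None for lines the rule ignores."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ev = m.groupdict()
    ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return ev


def correlate(lines, window=timedelta(minutes=5), threshold=5):
    """Sliding-window correlation keyed by source IP.

    - 'medium' when a source reaches `threshold` failures inside `window`;
    - upgraded to 'high' when an Accepted login from that source follows
      while the failure count is still at or above the threshold;
    - a success after only a couple of failures (a user's typo) is ignored.
    """
    failures = defaultdict(deque)  # src -> timestamps of recent failures
    alerts = {}                    # src -> alert dict (insertion order kept)
    for ev in (parse_line(l) for l in lines):
        if ev is None:
            continue
        q = failures[ev["src"]]
        while q and ev["ts"] - q[0] > window:   # expire old failures
            q.popleft()
        if ev["outcome"] == "Failed":
            q.append(ev["ts"])
            if len(q) >= threshold and ev["src"] not in alerts:
                alerts[ev["src"]] = {"severity": "medium", "rule": "ssh_bruteforce_attempt",
                                     "src": ev["src"], "host": ev["host"],
                                     "failures": len(q), "ts": ev["ts"]}
        else:  # Accepted
            if len(q) >= threshold:
                alerts[ev["src"]] = {"severity": "high", "rule": "ssh_bruteforce_success",
                                     "src": ev["src"], "host": ev["host"], "user": ev["user"],
                                     "failures": len(q), "ts": ev["ts"]}
            q.clear()  # a login resets the failure streak for that source
    return list(alerts.values())


def run_example():
    """Run the correlation over the constructed sample log."""
    return correlate(SAMPLE_LOG.splitlines())


if __name__ == "__main__":
    for a in run_example():
        print(a["severity"].upper(), a["rule"], a["src"], "failures=%d" % a["failures"])
```

The point of keying on the source and clearing the streak on success is the false-positive reduction the posting asks for: a single "Accepted" event is not interesting, and neither are two failed attempts, but a success that arrives on the heels of a failure burst from the same address is the scenario worth paging on.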
**Required Education & Certifications**
- Minimum bachelor’s degree (Bac +3) in Computer Science, Information Technology, Cybersecurity, or related field.
- Prior SOC‑analyst or incident‑response experience preferred.
- Relevant certifications (CISSP, CISM, CEH, CompTIA Security+, or SOC‑specific credentials) are highly desirable.