SOC Monitor

Position Responsibilities :

1.Monitoring and Analysis:

•Continuously monitor security events using various security information and event management (SIEM) tools.

•Analyze logs and alerts from different sources to identify potential security threats and incidents.

2.Incident Response:

• Respond to security incidents, including malware infections, network intrusions, and data breaches.

•Perform initial triage and assessment of security incidents.

•Escalate incidents to higher-level security analysts or incident response teams as needed.

3.Threat Detection:

•Identify and investigate suspicious activities and anomalies within the network and systems.

•Use threat intelligence sources to stay informed about the latest security threats and vulnerabilities.

4.Documentation and Reporting:

•Document all security incidents, including the steps taken to investigate and resolve them.

•Prepare regular reports on security incidents, findings, and remediation efforts.

5.Security Controls:

•Ensure the effectiveness of existing security controls and recommend improvements.

•Assist in the implementation and maintenance of security tools and technologies.

6.Collaboration and Communication:

•Work closely with other IT and security teams to resolve security incidents.

•Communicate effectively with stakeholders regarding security issues and incident status.

Personnel Qualification Requirements :

1.Education:

Bachelor’s degree in Information Security, Computer Science, or related field.

2.Work experience:

1.1-3 years of experience in a security operations or similar role；

2.Candidates with experience in SOC,network monitoring or security analysis are preferred.

3.Certifications:

Relevant certifications such as Certified Information Systems Auditor（CISA）,Certified Information Systems Security Professional (CISSP), or similar are preferred.

4.Working Conditions:

May require shift work to provide 24/7 monitoring coverage.Ability to work under pressure and respond to high-severity incidents promptly.

Personnal Skill Requirements :

1.Networking

•Understanding of TCP/IP, network protocols, and network security architecture.

•Knowledge of network devices such as routers, switches, firewalls, and VPNs.

2.System Administration:

• Proficiency in managing and securing operating systems (Windows, Linux).

• Experience with server management, virtualization, and cloud computing platforms (Huawei Cloud,AWS, Azure, Google Cloud).

3.Security Tools:

•Proficiency in using SIEM tools (e.g., Huawei SecMaster,Splunk, ArcSight, QRadar).

• Familiarity with intrusion detection/prevention systems (IDS/IPS), endpoint protection, and vulnerability management tools.

4.Analytical and Problem-Solving Skills

•Log Analysis:Proficiency in analyzing logs from various sources (network devices, servers, applications) to identify anomalies and security incidents.

•Root Cause Analysis:Ability to perform root cause analysis to understand the origin and impact of security incidents.