L1- Associate Cyber Security SOC

Description

Ingram Micro touches 80% of the technology you use every day with our focus on Technology Solutions, Cloud, and Commerce and Lifecycle Solutions. With $50 billion in revenue, we have become the world’s largest technology distributor with operations in 64 countries and more than 35,000 associates.

Position Summary

• Perform triage of incoming issues (asses the priority and determine risk).
• Validate suspicious events and escalate as needed alerts that require analysis.
• Triage and investigate security events.
• Incident intake, ticket updates and reporting of cyber events.
• Act as the first line of defense while detecting and identifying the occurrences of cybersecurity events.
• Investigate security notifications.
• Analyze detected events to understand attack targets and methods.
• Processing DNS change requests to our registrar.
• Tune and implement configuration changes to security controls, as necessary.
• Stay up to date on information technology trends and security standards.

What you bring to the role

• A bachelor/s degree in I.T., Engineering, Cyber Security or related science and math discipline with an information emphasis or equivalent experience
• English Proficiency is a must.
• One or more years of full-time professional experience in the Information Security field
• Experience working in a Security Operations Center (SOC), Managed Security Service (MSS), or enterprise network environment
• Answer incoming calls and monitor various email accounts and act according to SOC procedures and process
• Proactively identify and remediate threats occurring in the environment
• Participate in the day-to-day security operations monitoring and response from the Security Operations Center.
• Ability to generate comprehensive written reports and recommendations
• Ability to troubleshoot technical problems and ask probing questions to find the root cause or a problem
• Willing to work in shift schedule.
• Queue management of security events
• Demonstrate use and understanding of security technologies such as Security Incident and Event Management (SIEM) & Endpoint Detection and Response (EDR)
• Evaluate, respond, and mitigate alerts that originate from the SIEM and the security tools
• Familiarity with SANS top 20 critical security controls
• Familiarity with MITRE ATT&CK
• Basic understanding of vulnerability assessment tools.
• This position requites availability to work different shifts.
• Desired Certifications (CCNA Security, CCNA Security, CCNP Security, CompTIA Security +, GSEC or other Security Certifications.)