SOC Investigator

Description

Provide 24/7 visibility, proactive threat detection, rapid investigation, and continuous threat hunting. The SOC is the front line of defense and the backbone of security operations. 

Responsibilities 

• Conduct full incident investigations on medium- and high-severity events

• Correlate telemetry from multiple sources (EDR, network, IAM, logs)

• Coordinate with response teams for containment and remediation

• Perform root-cause and impact analysis

 Requirements

• Deep understanding of attacker lifecycle and kill chain

• Memory forensics and host artifact analysis

• Packet capture and traffic analysis

• Scripting for enrichment and automation

     Tools & Platforms 

• EDR / SOAR platforms 

• Volatility / FTK – memory analysis 

• Wireshark – network inspection 

• Threat Intel platforms – enrichment & pivoting