Hello everyone,
I am working as a IT Security Monitoring analyst for 3 years. I am confused what NOC Code to use. Please advise. Thanks in advance for all your help.
- Provide real-time security event monitoring and initial analysis to internal and external threats using Arcsight Express.
- Notifies appropriate staff and vendors of any security threats/events
- Daily reporting on alerts received and raised cases and other adhoc reports.
- Daily SIEM Health Check report
- Monthly report on Global Threat monitoring and security alerts.
- Communicate with external teams in proper incident resolution
- Global threat monitoring and sends notification of top malicious external hosts to regional IT Security team.
- Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analysis of relevant event detail and summary information.
- Monitor incidents using Arcsight Express for any suspicious activities that may impact the bank operations.
- Interacts with external parties to resolve the queries relating to the raised incident
- Knowledge of bank’s security best practices and concepts.
- Conduct research and further investigation and identify vulnerabilities.
- Recommend filters to eliminate false positives. Fine-tune assessed security events that are found to be false-positive to improve accuracy of detecting network security violations on the customer’s network
- Analyzes network traffic and alerts to assess, prioritize and differentiate between potential intrusion attempts and false alarms
I am working as a IT Security Monitoring analyst for 3 years. I am confused what NOC Code to use. Please advise. Thanks in advance for all your help.
- Provide real-time security event monitoring and initial analysis to internal and external threats using Arcsight Express.
- Notifies appropriate staff and vendors of any security threats/events
- Daily reporting on alerts received and raised cases and other adhoc reports.
- Daily SIEM Health Check report
- Monthly report on Global Threat monitoring and security alerts.
- Communicate with external teams in proper incident resolution
- Global threat monitoring and sends notification of top malicious external hosts to regional IT Security team.
- Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analysis of relevant event detail and summary information.
- Monitor incidents using Arcsight Express for any suspicious activities that may impact the bank operations.
- Interacts with external parties to resolve the queries relating to the raised incident
- Knowledge of bank’s security best practices and concepts.
- Conduct research and further investigation and identify vulnerabilities.
- Recommend filters to eliminate false positives. Fine-tune assessed security events that are found to be false-positive to improve accuracy of detecting network security violations on the customer’s network
- Analyzes network traffic and alerts to assess, prioritize and differentiate between potential intrusion attempts and false alarms