Job description:
Monitoring and continuous monitoring of events, logs
Network and system activities in order to identify suspicious patterns and signs of cyber attacks
Analysis and evaluation of network and system events and activities using tools
Record tickets and follow up with the relevant groups to refine dashboards and rules
Analyze and enrich alerts
Prepare relevant reports

Skills:
Recognize attacks in different layers
Ability to analyze logs and identify attacks using logs (especially Windows and Linux logs)
Knowledge of Security Operation Center Use Cases
Working experience with SIEM system
Familiarity with network at CCNA level
Knowing the MITER table