Senior SOC Analyst
Job description, responsibilities and duties
- Monitor SIEM, EDR, and other security tools for detection and identification of security events
- Document security investigations in a clear and consistent manner, often based on incident tickets created by EDR or SIEM
- Develop new use cases for security alerts, playbooks and also training on alerts
- Tune existing use cases to improve accuracy
- Tune endpoint and network security tools as needed, understand their configuration and settings options
- Perform threat hunting to identify potential security threats
- Perform vulnerability and threat intelligence research for specific type of attacks
- Review threat intelligence reports and be able to communicate TTPs (Tactics, Techniques, and Procedures) to clients and prospects
- Ability to work after hours if needed, and understand 24/7 operations with ad hoc support
- Perform security anomaly and incident detection
- Investigate, contain, and resolve security anomalies and events
- Perform threat actor attribution, with an understanding of criminal and nation-state groups
- Identify the likely threat vector for security incidents and perform root cause analysis in EDR and SIEM
- Use scripts, such as Python and PowerShell, to automate and correlate events
Employee perks, benefits
- Generous PTO
- Paid cyber education courses and certifications
- Paid Company Holidays
- Paid Sick Time
- Gym membership reimbursement
- Company phone
- Numerous company-sponsored events and team building.
Company on whose behalf the position is being filled
A global leader in Incident Response, Digital Forensics, Penetration Testing, Ransomware Mitigation, and Cyber Resiliency Services. The company's experience spans decades of working on high-profile cases in coordination with Law Enforcement Agencies around the world.
Their best-in-class methodology builds on experience working with US Intelligence Agencies, US Secret Service, FBI, DHS, Interpol, Europol and NATO.
The company's experts have been recognized with numerous awards, including being the winning team of Locked Shields, the world's largest and most advanced international live-fire cyber defence exercise, organized by NATO CCD COE, in 2016.
Requirements for the employee
Candidates with education suit the position
Personality requirements and skills
- Minimum 3 years of combined experience in SOC and threat hunting: working in a SOC team, threat and vulnerability management, security operations and engineering, or hunt
- Experience working with multiple SIEM, EDR, Log Aggregators, and Incident Response Management solutions
- Strong technical knowledge of Networking, Operating Systems and enterprise integrations
- Firm understanding of the security incident lifecycle
- Thorough understanding of TCP/IP
- Understand IDS / IPS rules to identify and/or prevent malicious activity, such as memory injections
- Basic knowledge of forensic methodologies and best practices to investigate intrusions, preserve evidence and coordinate a unified security response
- Basic knowledge of malware analysis
- Understanding of packet analysis (PCAP) and packet analysis software
- Familiarity with databases (Oracle, MSSQL, MySQL)
- At least one of the following certifications: CEH, CEPT, GPEN, OSCP, GWAPT, GSEC or GIACs.
- Experience with Python, PowerShell, and API programming
- Understanding of the VERIS and MITRE ATT&CK frameworks is a plus
- Confident and dynamic personality
- Desire to collaborate with team and work independently
- Ability to work under strict deadlines
- Strong communication skills
Brief description of the company
We offer international experience, consultants with wide-ranging knowledge and experience in their specific fields, and deep knowledge of the job market.
The company is a holder of a licence to offer recruitment services. (25908/2004 - OSS 129/2005. Plati pre SR.)
Number of employees
Information about the selection process
We reply to all candidates within 3 working days, even in the case of a negative decision.
Did you not find an offer that interests you? Visit our website www.synergie.sk, where you will also find positions that are not published on job portals.
Do you know someone who is a suitable candidate for one of our positions? Join our referral programme and receive 200 EUR!
Na Příkopě 14
11000 Praha 1