123pracovat

Pracovní nabídka

SOC - Cyber Security Analyst Level 2

Summary:

Reporting to the SOC Team Leader, the technical responsibilities of the Level 2 Cyber Security Analyst can include advanced qualification of security events, in-depth investigations, incident handling, security research, as well as limited content development work. In order to continually support the client mandate, some non-technical responsibilities of the Level 2 Analyst role will be to provide input into existing processes and workflows as well as suggest future documentation needs. The Level 2 Analyst is also expected to provide mentoring and guidance to Level 1 analysts in support of team growth and development. The schedule of the Level 2 Analyst role encompasses working on an 8h shift-rotation schedule including mornings, afternoons, and weekend shifts.

Primary Responsibilities and Duties:

• Qualify SIEM incidents reported by Level 1.
• Investigate beyond the depth and technical expertise expected of Level 1.
• Perform incident response and report findings to customers.
• Handle incident escalations from Level 1.
• Qualify and escalate security incidents to our customers based on the incident severity.
• Perform Security research to suggest SIEM use-cases and refine investigation methods.
• Suggest improvements to the current SIEM content.
• Communicate directly with customers during meetings or escalations.
• Define or update processes and other documentation.

Secondary Responsibilities and Duties:

• Guide and mentor Level 1 Cyber Security Analysts.
• Quality Control (detections / tickets).
• Assist with training of Level 1 analysts.

Qualifications and Skills:

• Ideally, working experience in the Security Operations Center or other cyber security team
• Intermediate knowledge of SIEM (ideally Splunk) and/or IPS-related technologies is a mandatory skill.
• Strong analytical & technical skills. Ability to develop hypotheses for security events using limited, ambiguous, or conflicting information.
• Ability to lead and communicate efficiently within a team environment.
• Good English skills (both written and verbal).
• Professional certifications such as CCNA, CEH, SANS GCIA or GCIH, eCTHP, eCDFP are bonus/plus
• Education: (Preferred) Bachelor of Science degree in Computer Science, Computer Engineering, Information Technology or equivalent.
• 1+ years working within the information security field, with emphasis on security operations, incident management, intrusion detection, and security event analysis.
• Knowledge of technical writing and documentation and the ability to map processes and procedures back to roles and responsibilities within the organization.
• Great customer service skills.