Information Security (L2) SOC Analyst
Reference: nSOC-L2-ANALYST
Netbull is seeking a senior Information Security Analyst to join the Netbull SOC team. The SOC Analyst will support multiple functions that keep our SOC operations running strong.
Ideal candidates will have over 2 years of experience in security incident handling and response, as well as hands-on experience with a SIEM solution. The analyst should be able to work at a high technical level, be a strong team player, and be willing to follow applicable processes and procedures while keeping the flexibility to "think outside the box".
Responsibilities
- Assist and mentor L1 analysts on triage.
- Perform tier 2 incident analysis and response for escalated incidents.
- Communicate with SOC management, senior SOC staff members and customers regarding investigations and status updates.
- Design, create and maintain custom SIEM content (creation, evaluation and tuning of correlation rules, reports, dashboards, etc.).
- Design, create and maintain custom tools that support incident handling and response activities.
- Conduct research on attacker methodologies and tactics, system vulnerabilities, and key indicators of attacks and exploits, and use the results to enhance the threat and technical intelligence of Netbull Security Services.
- Responsible for the continuous availability and support of the on-premise and cloud SOC infrastructure.
- End-to-end client integration with the Netbull SOC for new installations and ad hoc scope expansions.
- SOC infrastructure design, implementation, maintenance and support.
- Manage system health and capacity using monitoring tools.
- Develop and improve manuals and documentation (deployment and configuration guides, troubleshooting guides, technical articles, etc.).
- Interface regularly with the SOC Manager to provide feedback on SOC operations.
- On-call support during non-business hours.
- Perform other duties as assigned by management.
Position Requirements
- At least 2 years of experience in incident analysis and response activities; experience in a SOC environment is preferred.
- Demonstrated experience with a SIEM product.
- Significant experience analysing logs from a variety of sources.
- Experience with packet analysis and malware analysis.
- Knowledge of current security trends, threats and techniques.
- Experience with scripting.
- Good verbal and written communication skills (Greek and English).
- IT security certifications (GCIH, GCIA, CEH or CISSP) and product certifications such as a SIEM vendor certification, or the ability to obtain them via self-study within one year of the hire date.
- Experience with test automation practices.
- Exceptional communication and presentation skills.
- Ability to build relationships with peers and leaders across the company.
Benefits
- Competitive salary and benefits.
- Be part of an amazing culture and help innovate the future.
- Rapidly growing company with opportunities for career growth.