SOC Analyst L2 (Cyber Security Engineer/ Information Security)

JSAN

  • București
  • Permanent
  • Full-time
  • Acum 13 zile
JSAN Consulting provides technology consulting services throughout Europe, USA and APAC, and we pride ourselves on our highly professional and service focused approach. Our unique value proposition of being better, faster and less expensive is compelling to our clients, most of whom regard us as a long term partner helping them to achieve their business objectives.The RoleJob DescriptionThis role is responsible for maintaining knowledge of the global threat environment and proactively assessing risk and response strategies to potential emerging threats. It includes undertaking:
  • SIEM configuration/tuning
  • EDR configuration/tuning
  • Resources onboarding
  • Correlation rule creation
  • Security Alert Triage
  • Security Incident Response
  • Security Reporting.
  • Documentations (SOP, improve standards, etc)
Ideal Profile
  • Ability to work autonomously as well as contribute in a team and professional environment
  • Ability to effectively manage multiple, concurrent activities, while understanding and managing priorities, dependencies, and risk
  • Strong communication (verbal and written) and interpersonal skills
  • Strong focus on customer service and outcome
  • Strong in resource coordination, planning, and organizing
  • Proven ability to adapt and maintain a flexible approach to changing needs or priorities
  • Strong reporting and analytical skills with attention to details
  • Strong problem-solving skill with the ability to resolve complex technical issues
  • High level of initiative and self-motivation.
Qualifications
  • ITIL foundations (nice to have not essential)
  • GCIH
  • Splunk certified
  • Monitoring the SIEMs
  • Monitoring and Managing the EDR
  • Minimum five years of Experience working in a SOC preferably with an SI, MSP or a Vendor.
  • Engaging with other relevant technical groups including service desk personnel and system engineers to facilitate the collection of data, and provision of information relevant to supporting related capabilities
  • Understanding output from SIEMs in the context of the environment, escalating incidents appropriately and providing meaningful reporting
  • Experience with the relevant technologies and domains, including system logging and log auditing.
  • Proven experience of developing and enhancing SOC Run Books
  • Proven experience of Case Management and ensuring cases are resolved within required SLA
Desirable experience includes the following:
  • Advanced Configuration and tuning Splunk, ArcSight, Qradar, etc
  • Use case creation and tuning, log onboarding
  • Customizing the use cases
  • System Logging
  • Firewalls
  • Web Gateway
  • EDR – Microsoft, Proofpoint, McAfee, Crowdstrike
  • PAM
  • PKI
  • Deception
  • Vulnerability Management
  • Citrix
  • AWS & Private Cloud hosted technology landscape
  • Working in Classified environments
  • Service desk tools
  • IDAM
  • Incident response tool (TheHive, Resilient)
  • Different security at layers
  • Email Gateway – Decipher malicious Email (O365, Exchange, Zimbra)
What's on Offer?
  • Work within a company with a solid track record of success
  • Join a well known brand within IT Infrastructure / Blockchain / Cloud Computing
  • Excellent career development opportunities

JSAN

Job-uri similare

  • Intune & Microsoft Security Engineer

    E-INFRA

    • București
    E-INFRA este unul dintre cele mai puternice grupuri romanesti, cu o activitate de peste 26 de ani. Prin intermediul companiilor parte a grupului, E-INFRA activează in arii precum i…
    • Acum 2 luni
    • Aplică ușor

  • Agenti de securitate, Romguard Security

    • București
    • 2.700-3.700 Lei pe lună
    Romguard Security angajeaza urgent pentru diverse locatii din Bucuresti si Ilfov. Salarizare 2.700 - 3.700 lei net (bonuri de masa incluse). Program de lucru variat, echipament si …
    • Acum 13 ore