Security Operations Center (SOC) Analyst (Level 2)

Cyprus Job Market

GCC Computers has a distinguished presence in Cyprus as a provider of IT-based solutions and a System Integrator, and has built a strong reputation among technology professionals and employers. For more than 30 years we have enjoyed considerable success serving the broader Government, semi-Government, Telecommunications, Utilities and Banking markets with core Business Solutions as well as Hardware, Networking and Network Security Solutions. GCC Computers Ltd has a number of partnerships with leading vendors including Juniper Networks, HPE and Fortinet.

The Role:

The SOC Analyst (Level 2) will join our SOC team and leverage a variety of tools and resources to proactively detect, investigate, and mitigate emerging and persistent threats impacting customers' networks, systems, and applications.

Key Responsibilities:

Forensics and Incident Response:
  • Serve as escalation point for investigations into security incidents involving advanced and sophisticated threat actors and TTPs
  • Perform forensic collection and analysis of electronic assets, devices, and log sources
  • Manage incident response activities including scoping, communication, reporting, and long-term remediation planning

Threat Hunting:
  • Identify, collect, and analyse threat intelligence from internal and external sources and teams
  • Develop hypotheses, analyse techniques, and execute hunts to identify threats across the environment
  • Interface with security teams and business stakeholders to implement countermeasures and improve defences

Big Data Analysis and Reporting:
  • Utilize SIEM/Big Data platforms to identify abnormal activity and extract meaningful insights
  • Research, develop, and enhance content within SIEM and other tools

Technologies and Automation:
  • Interface with engineering teams to design, test, and implement playbooks, orchestration workflows and automations
  • Research and test new technologies and platforms; develop recommendations and improvement plans

Day to Day:
  • Coordinate investigation, containment, and other response activities with customers
  • Mentor junior staff and serve as point of escalation for higher-severity incidents
  • Develop incident analysis and findings reports for management, including gap identification and recommendations for improvement
  • Recommend or develop new detection logic and tune existing sensors / security controls
  • Work with security solution owners to assess the ability of the existing security solutions to detect / mitigate the abovementioned TTPs
  • Create custom SIEM queries and dashboards to support the monitoring and detection of advanced TTPs against the company network
  • Develop and review technical documents and checklists to explain abstract IT and cybersecurity technologies and concepts
  • Develop and review detailed or complex technical documents such as tactics, techniques, and procedures (TTPs), concepts of operations (CONOPS), special instructions and engineering plans, for supported enterprise IT and cybersecurity technology, services, applications, and processes
  • Host and/or participate in technical meetings as necessary

Required Qualifications:

  • Bachelor’s degree in Computer Science, Information Technology, or a related field
  • Relevant technical security certifications
  • 5+ years of experience in Incident Response / Computer Forensics / SOC team / Threat Hunting or related fields is required
  • Host- and network-based forensic collection and analysis
  • Dynamic malware analysis, reverse engineering, and/or scripting abilities
  • Proficiency with forensic tools
  • Understanding of Advanced Persistent Threat (APT) actors and their associated tactics
  • Experience managing security solutions, preferably in an enterprise environment, or at minimum the ability to demonstrate proficiency in using IDS solutions at smaller scale
  • Experience managing and configuring (or triaging events from) enterprise-level firewalls or vulnerability scanners is considered a plus
  • Experience with SIEMs, ticketing systems and other platforms in SOC environments
  • Experience with Ansible is considered a plus
  • CompTIA Security+/CySA+ or similar-level cyber security certifications from other vendors are a must
  • Scripting skills in Python or PowerShell
  • Very strong team and interpersonal skills along with the ability to work independently and achieve individual goals
  • Ability to coordinate with other team members to achieve the specified objectives
  • Effective oral and written communication skills
  • Ability to prioritize tasks, along with strong organizational skills
  • Excellent customer service skills
  • Ability to mentor Junior SOC Analysts
  • Willingness to learn and attend training to improve knowledge
  • GCIA, GCIH, GMON or related certifications are considered a plus

Applications:

Interested candidates must electronically submit their applications with a recent C.V. to before 5th of March 2021, quoting the above job title.

The application must clearly outline the relevant technical experiences of the candidates.

Due to the high volume of applications received, only shortlisted candidates will be contacted.
