Senior SOC/CSIRT Analyst
- Job Type: Information & Cyber Security
- €90,000 – €110,000
Working as part of a global Security Operations & Incident Response Team to deliver 24x7x365 continuous, real-time monitoring, analysis, incident response, threat hunting and intelligence services across the enterprise, providing a coordinated suite of integrated functions that enable us to identify, prevent, monitor and respond to threats.
Key focus areas
- Monitor all managed security services (MSS) platforms and services.
- Manage and resolve security incidents and events to protect corporate IT assets.
- Provide monitoring, alerting and incident handling services within the SOC. Act as the tier 2/3 analytical escalation point for identifying and quantifying the nature and extent of an attack, and offer initial professional advice on the likely business impact.
- Advise on incident containment measures.
- Provide advice on potential mitigation measures to prevent, or limit, future recurrence.
- Develop and maintain a credible knowledge of current and emerging threats likely to affect the integrity of the information systems you are protecting.
- Ensure appropriate remediation is undertaken in relation to vulnerability scanning and penetration testing activities.
- Ensure appropriate assurance against new or changing applications/services/websites/APIs.
- Identify threats against and vulnerabilities in computer assets. Implement remediation plans to mitigate vulnerabilities.
- Monitor IT hardware and software against build standards.
- Manage security platforms including, but not limited to, firewalls, IDS/IPS, endpoint security and CASB.
- Maintain outputs to global cyber risk dashboards that provide meaningful metrics for IT computer systems (e.g. cross-platform patch management and anti-malware status).
- Work closely with Service Delivery Operations teams.
- Bachelor’s degree in Computer Science, Information Systems or Engineering, or equivalent work experience.
- Minimum of 3-5 years’ experience working within a SOC environment.
- Experience of working with enterprise endpoint security platforms
- A good understanding of information and cyber security principles and best practices
- A strong understanding of endpoint security controls
- Experience of Vulnerability Management and Threat Intelligence
- Experience of working with enterprise endpoint security platforms (AV/anti-malware, EDR, DLP)
- Proficiency in operating system fundamentals and OS security (Windows, OSX & Linux).
- Proficiency in networking principles, protocols and practices.
- Understanding of traditional ITIL concepts: Incident, Change and Problem management.
- Understanding of cloud security principles (AWS/Google/Azure).
- Understanding of open-source network analysis tools and open-source intelligence (OSINT) tools.
- In-depth knowledge of the Cyber Kill-Chain, Intelligence-driven defense and security architectures.
- Ability to help write concise reports based on complex data with accuracy, brevity, and speed.
- Ability to pick up new products and platforms quickly, transferring skills and best practices when needed.
- One or more of the following certifications: CompTIA Security+, SANS GIAC, SSCP, CISSP, CSSLP, CISA, CISM2
- Excellent written and verbal communication, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences.
- Excellent problem-solving and analytical skills. The individual must be a team player and a strategic and analytical thinker, able to think “big picture” while also focusing on trends and data coupled with industry themes, and able to multi-task across projects.
- Demonstrate the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and