Recruitment Context
We are searching for a SOC Analyst who will be responsible for monitoring,
reporting, and analyzing security incidents reported by our SOC team.
The primary role of this position is to manage and provide weekly reports
on security incidents, manage the backlog of potential security incidents,
analyze and investigate incidents, monitor the analytics tools, and perform
alert management and initial incident qualification. He or she will work
cross-functionally with the SOC, IT security, and IT infrastructure teams.
Responsibilities and Missions
- Experience with an enterprise-grade SIEM platform
(i.e., Splunk).
- Experience in security event analysis and
triage, incident handling and root-cause identification, and security
ticket management.
- Specialty in one or more of the following
Information Security domains: Cyber Intelligence Analysis, Threat Monitoring,
Incident Response, Machine Learning & Artificial Intelligence,
Malware Analysis, Computer Forensics, Endpoint Protection, Network
Security, Infrastructure Security, Application Security, Platform
Security, Identity & Access Management, Security Education &
Awareness, Vulnerability Scanning & Management, and Compliance &
Risk Management.
- Excellent team-working skills and a "can
do, let's get it done" attitude are crucial.
- A desire to keep learning, extending your skills
and pushing the boundaries of your knowledge.
Responsibilities
- Prioritizing and differentiating between
potential intrusion attempts and false alarms.
- Examples of incidents involve unauthorized
access, suspicious services, malware identification, etc.
- Work within, and ultimately help shape, our
response framework for globally scalable cyber defense.
- Provide technical guidance to client
organizations to correctly gather relevant data, analyze and respond to
cyber security incidents.
- Contribute to the development and improvement of
SIEM control policies.
- Apply broad security industry, technology,
business and professional knowledge to contribute to policy-making and
process design.
- Correlate threat intelligence with active attacks
and vulnerabilities within the enterprise.
- Research and stay current on the latest trends,
best practices, and technology developments.
- Facilitate the integration of threat and data
feeds for the purposes of incident response.