Kraków, Małopolskie, Poland Added: 2024-03-30 | Offer ID: 2130275
Your new company
A well-known international company is entering the Cracow market and establishing a Security Operations Center. The company is offering new job opportunities to specialists in the field of SOC operations.
o Contract of employment
o Hybrid working model (office 2x/week)
Your new role
Cybersecurity SOC Tier 2 analysts must be able to do the following:
o Correlate threat data from various sources to establish the threat/impact against the network.
o After assessment of the data, recommend appropriate countermeasures, facilitating tracking, preliminary handling of investigations, and reporting of all security events and computer incidents.
o Perform remediation actions and apply lessons learned to security incident investigation and resolution
o Perform monitoring, identification and resolution of security events to detect threats through analysis, investigations and prioritization of events based on risk/exposure
o Develop processes which analyse data, producing accurate, meaningful, easily interpreted results based on user requirements and use cases
o Develop processes which align with enterprise incident response activities and coordinate closely with other teams within the Security Operations Center
o Create custom tool content to enhance capabilities of security operations teams
o Manage the collection, documentation and research of security events generated by the SOC monitoring platform and infrastructure
o Provide support to Security Incident Management aligned with NIST standards
What you'll need to succeed
Technical writing experience:
o Standard Operating Procedures
o Runbooks/Playbooks
o Incident Response Plans
o Support training development with both analysts and tabletop exercises
o Assist or lead the effort in Tool configuration and content creation
Qualifications:
o Experience on one of the following team(s): Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC)
o Degree in Computer Science, Information Technology, or equivalent work experience
o Experience supporting Cybersecurity Operations in a large enterprise environment
o Experience with Incident Response, analysis of network traffic, log analysis, ability to prioritize and differentiate between potential intrusion attempts and false alarms, managing and tracking investigations to resolution
o Experience with SIEM & Log Management solutions
o Familiarity with one of the following: NIST Incident Response Lifecycle, Cyber Kill Chain, Adversarial Tactics, Techniques & Common Knowledge (ATT&CK) Metrics
o CCNA Security, GCIA, GCIH, CYSA+, Security+ or other related security certifications
o At minimum there must be one active security certification
Experience with one or more of the following tools:
o QRadar SIEM/Cortex XSOAR
o SentinelOne
o Proofpoint Email
o Azure Suite
o Zscaler
Working Hours
o 8am – 6pm local time, 4 days per week
o 2 days office x 2 days home office
o Contract of employment
What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
Hays Poland sp. z o.o. is an employment agency registered in a registry kept by Marshal of the Mazowieckie Voivodeship under the number 361.
If you are interested in this job offer, contact us using the details below. When sending us your CV, please include a clause consenting to the processing of your data for recruitment purposes.
HAYS