Senior SOC Analyst (L2/L3)

Project description

We’re looking for a security specialist with experience in security monitoring or penetration testing with a strong desire to perform SOC analyst duties: prepare detection logic, identify threats, respond to incidents and maintain security tools (SIEM, SOAR, EDR, UEBA).

What you will be working on:

  • We are building and growing an industry-leading, scalable, cloud-only SOC – the Cloud Defence Organization – with a focus on the world’s most prominent security market, the U.S.
  • You would be part of the Security Operations Team, with the possibility of growing into a specialization role in the coming years.
  • These roles include Security Analysis, Incident Response, Threat Intelligence, Digital Forensics, Reverse Engineering, Penetration Testing and Security Tools Management.

What's in it for you

  • An opportunity to become a part of the core team that designs and builds the MSSP of the future from scratch. We do that using cutting-edge tools and frameworks.
  • A chance to collaborate with and learn closely from top cyber security experts who previously built and ran enterprise-grade security platforms.
  • If you drive value, contribute and deliver results, you will earn an opportunity to get stock options with a clear exit strategy, which will net a pretty solid reward.
  • Create, lead and be part of a great team of like-minded, results-driven people.
  • Competitive salary according to skills, 18 working days of vacation, 10 sick leave days per year.
  • Full documentary and accounting support.
  • Operations abroad.
  • English classes.

DUTIES AND RESPONSIBILITIES

  • Monitoring and tuning SIEM (content, parsing, maintenance).
  • Detect and respond to security incidents and alerts generated from SIEM / SOAR.
  • Develop and coach L1 analysts.
  • Conduct basic red team exercises to test the effectiveness of preventive and monitoring controls.
  • Prepare post mortem analysis and tech recommendations after major incidents.

REQUIRED SKILLS AND EXPERIENCE

  • Strong understanding of Windows, Linux and networking concepts.
  • Good with scripting languages; able to automate your own work or develop connectors and parsers.
  • Good understanding of security solutions including SIEMs, Web Proxies, Anti-Virus, Firewalls, VPN, authentication, encryption, IPS/IDS as well as working experience with large enterprises.
  • Working knowledge of SIEM solutions like McAfee ESM / Radar / Splunk / ArcSight / Elastic OR significant experience in penetration testing (3Y+) with a strong desire to work in a security operations environment (switch to defensive side).
  • Analytical skills: capable of analyzing complex problems and situations with the purpose of bringing improvements and increasing efficiency.
  • Good communication skills.
  • Team player.
  • English – at least at an Intermediate level.

Ready to discuss the job in detail? Send your CV or contact us here