Cybersecurity Analyst
Cybersecurity Analyst (SOC Tier 2)
SOC, Cybersecurity Analyst, CERT, CIRT, CSIRC
Your new role
A Cybersecurity SOC Tier 2 analyst must be able to do the following:
- Correlate threat data from various sources to establish the threat/impact against the network.
- After assessment of the data, recommend appropriate countermeasures, facilitating tracking, preliminary handling of investigations, and reporting of all security events and computer incidents.
- Handle remediation actions and apply lessons learned to security incident investigation and resolution
- Perform monitoring, identification and resolution of security events to detect threats through analysis, investigations and prioritization of events based on risk/exposure
- Develop processes which analyze data, producing accurate, meaningful, easily interpreted results based on user requirements and use cases
- Develop processes which align with enterprise incident response activities and coordinate closely with other teams within the Security Operations Center
- Create custom tool content to enhance capabilities of security operations teams
- Manage the collection, documentation and research of security events generated by the SOC monitoring platform and infrastructure
- Provide support to Security Incident Management aligned with NIST standards
What you'll need to succeed
Technical writing experience:
• Standard Operating Procedures
• Runbooks/Playbooks
• Incident Response Plans
• Support training development with both analysts and tabletop exercises
• Assist or lead the effort in tool configuration and content creation
Qualifications:
• Experience on one of the following team(s): Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC)
• Degree in Computer Science, Information Technology, or equivalent work experience
• Experience supporting Cyber Security Operations in a large enterprise environment
• Experience with Incident Response, analysis of network traffic, log analysis, ability to prioritize and differentiate between potential intrusion attempts and false alarms, managing and tracking investigations to resolution
• Experience with a SIEM & Log Management solution
• Familiarity with one of the following: NIST Incident Response Lifecycle, Cyber Kill Chain, Adversarial Tactics, Techniques & Common Knowledge (ATT&CK) Metrics
• CCNA Security, GCIA, GCIH, CySA+, Security+ or other related security certifications
• At minimum there must be one active security certification
Experience with one or more of the following tools:
• QRadar SIEM/Cortex XSOAR
• SentinelOne
• Proofpoint Email
• Azure Suite
• Zscaler
Working Hours
• 8am – 6pm local time, 4 days per week
• 2 days office x 2 days home office
• Contract of employment
What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
Hays Poland sp. z o. o. is an employment agency registered in a registry kept by the Marshal of the Mazowieckie Voivodeship under the number 361.