SOC Analyst (Tier 2)
Division: CISO
The Cyber Defense Centre (CDC) is part of the Office of the Chief Information Security Officer. The team's main responsibility is to reduce risk across Euroclear's cyber threat surface by monitoring for malicious intent targeted at Euroclear's services, its supporting assets and its people. We do this through the Cyber Threat Management (CTM) capabilities, the Security Operations Centre (SOC) and the Cyber Incident & Response Team (CIRT). This covers cyber threat intelligence, vulnerability management, penetration testing, brand and digital footprint monitoring, security incident and event monitoring, cyber analytics, incident management and forensic analysis.
The CDC supports capabilities within the security domain, acts as subject matter expert across all divisions of the company, and interacts with external stakeholders, including customers, oversight bodies, threat intelligence providers and third parties.
The Security Operations Centre (SOC) houses the information security team responsible for monitoring and analysing the organisation's security posture on an ongoing basis. The SOC team's goal is to provide 24x7x365 capabilities to detect, analyse and respond to cybersecurity incidents using a combination of technology solutions and a strong set of processes. The SOC staff works closely with the Cyber Incident Response Team (CIRT) to ensure security issues are addressed quickly upon discovery.
The SOC monitors and analyses activity on networks, servers, endpoints, databases, applications, websites, and other systems, looking for anomalous activity that could be indicative of a security incident or compromise.
Role
You will be responsible for responding to alerts and conducting incident response operations according to documented procedures and industry best practices. You have excellent communication skills.
You will be asked to participate in multiple intelligence-sharing communities and to disseminate pertinent information throughout the SOC.
You have broad experience with Linux and/or Windows operating systems and with multiple security technologies such as SIEM, IDS, EDR and WAF, together with deep knowledge of networking and attack methods. You must display enthusiasm for and interest in information security.
- First point of escalation for the Tier 1
- Hunting for suspicious or anomalous activity based on alerts or data outputs from various toolsets
- Review and build new operational processes and procedures. Review the automated process workflows and provide feedback for updates/enhancements
- Triage and investigation of advanced attacks such as botnets and advanced persistent threats (APTs)
- Advise on the tuning of IDS, proxy policy and in-line malware tools based on threat feeds, trust and reputation data, incidents, or vulnerabilities and exploits affecting downstream systems
- Provide use case creation/tuning recommendations to the Security Intelligence Analyst based on findings during investigations or threat information reviews
- Lead response actions for incidents where CIRT is not required to intervene (low/medium priority)
- Work directly with data asset owners and business response plan owners during low and medium severity incidents
- Performing administrative tasks at management request (ad-hoc reports, trainings)
- Support the creation and maintenance of a knowledge base
- Provide training and knowledge-sharing sessions to the Tier 1 team
- Support the Service Delivery Manager with reporting
Technical Skills
- We are building a new team. You have at least 3 years of experience in a SOC.
- In-depth knowledge of TCP/IP
- Knowledge of systems communications from OSI Layer 1 to 7
- Experience with Network and Network Security tools administration
- Knowledge of log formats and the ability to aggregate and parse syslog, HTTP and database logs for investigation purposes
- Ability to define a containment strategy and execute
- Experience with security assessment tools (Nmap, Nessus, Metasploit, Netcat)
- Good knowledge of threat areas and common attack vectors (MITRE ATT&CK)
- Nice to have:
- Experience with Endpoint Detection & Response (EDR) Solutions
- Experience with log search tools such as Splunk, including regular expressions and natural-language queries
- Knowledge of common security frameworks (ISO 27001, COBIT, NIST)
- Previous experience in the financial industry
- Scripting (automation) and familiarity with Cloud (AWS/Azure)
Soft Skills
- Passion and drive to work in a start-up division with the potential for significant growth in scope and services
- Possess good logical and analytical skills to help in analysis of security events/incidents
- Ability to interact with staff, peers and customers on a technical and professional level
- Effective verbal and written communication skills
- Fast and independent learner, with ambition to self-improve
- Good analytical and problem-solving skills