Security Operations Center Analyst
Incident Detection & Response
Our client, a leading player in the Oil and Gas Industry, is currently looking for a Security Operations Center (SOC) Analyst – Incident Detection & Response.
You will be responsible for the daily cybersecurity incident detection, investigation, and response. Using the tools provided, you will report security threats and take them all the way from identification to eradication.
The role requires a six (6) days on and three (3) off work schedule, including weekends and bank holidays, and rotating between morning shifts (07:00 – 15:30) and afternoon shifts (13:30 – 22:00).
Who we are:
We are a team of eight and our job is to protect the client from threats, so it can continue to provide uninterrupted services to the mother company.
Our team is responsible for processes such as security monitoring, threat detection, incident response, threat intelligence, threat hunting, vulnerability management, and security solutions management and maintenance.
- Has 4+ years of experience working on security incident detection, investigation, and response.
- Has a bachelor's degree or equivalent in Technology, Computer Science or a related field.
- Has working experience with enterprise Security Information and Event Management (SIEM) tools and Log Management tools. Preferably, the candidate has basic knowledge and experience in Use Case Management.
- Has working experience with Endpoint Detection and Response (EDR) tools.
- Has fundamental knowledge and experience in host and network forensics.
- Has basic knowledge of security technologies, such as Firewalls, Secure Web and Email Gateways, Intrusion Detection and Prevention Systems (IDPS), Application Control, Sandboxing, etc.
- Is knowledgeable on Microsoft Windows and Linux internals.
- Preferably, has working experience and/or knowledge in the following:
  - YARA rules
  - MITRE ATT&CK Framework and Cyber Kill Chain
  - Security Orchestration, Automation and Response (SOAR) solutions
  - Threat Hunting
  - Scripting language skills (Python, PowerShell)
- Has a high degree of curiosity, especially with regard to incident investigation and response. The candidate is not expected to make quick assumptions, but rather to look deep and analyse extensively in order to find hidden connections.
- Thinks and acts creatively and is not restricted to standard solutions.
- Is a good team player who enjoys working and exchanging knowledge and information. In addition, the candidate must be willing and capable of working for extended hours alone, during afternoon shifts and weekends.
- Has a critical mindset, speaks up, and challenges processes, ideas, etc., with the intention of improving the work and the team.
- Constantly works on improving his/her knowledge of cyber security and other business fields.
- Is very proficient in the English language.
Our client offers an exceptional salary and benefits package within a stimulating work environment.
Interested? Please send your CV with salary indicator to Hannah Bricklebank at Madison Parker International - firstname.lastname@example.org