We are a young company, founded in 2019 in Brazil, with the aim of bringing an innovative approach to the information security market, with state-of-the-art proprietary and third-party solutions and highly specialized services such as: cyber intelligence, assessment and adoption of frameworks, digital privacy laws and cyber risk management, offensive cyber simulation service, vulnerability detection and management.
We are looking for a Senior SOC Analyst. The SOC (Security Operations Center) Senior Analyst will play a crucial role in leading and managing the security monitoring and incident response activities within the organization.
The candidate will need to show extensive experience in cybersecurity and will oversee the detection, analysis, and mitigation of security threats, ensuring the protection of critical assets and data against cyber attacks.
Key Responsibilities: Leadership and Mentorship: Provide leadership and guidance to junior analysts within the SOC team.
Mentor and coach junior staff members, assisting them in skill development and knowledge enhancement.
Security Tool Optimization: Evaluate and optimize the performance of security tools and technologies deployed within the SOC environment.
Recommend enhancements and improvements to existing security infrastructure to enhance detection and response capabilities.
Act as third-level (L3) support on all SOC issues, serving as a technical reference and a trusted interface with vendors when needed.
Technical responsibility for mid- and long-term activities (such as patching and cyber security hardening campaigns). Set up a SIEM and SOAR environment.
Perform daily detect & respond functions, working closely with SOC processes on SIEM and SOAR.
Incident Response Planning and Execution: Develop and maintain incident response plans, procedures, and playbooks.
Coordinate and execute tabletop exercises and simulation drills to test the effectiveness of incident response processes.
A creative, problem-solving mindset: able to devise workaround solutions and implement them.
Maintain 24x7 comprehensive situational awareness of the customer cyber-threat landscape as it relates to security monitoring.
Must-have qualifications: At least 3 years' experience in firewall configuration, with specific skills in Fortinet.
Multiple Fortinet NSE certifications are preferred.
At least 2 years' experience with anti-DDoS platforms, familiarity with anti-DDoS mechanics, and the ability to troubleshoot mitigation effects and correlate them with customer feedback.
Experience in security incident management operations (at least two years).
Familiarity with MFA mechanics and platforms.
Familiarity with mail protection platforms.
Coding experience in scripting and programming languages (such as Java, Bash, Python, PowerShell), used to aid in responding to incidents involving Windows, Linux, and Mac hosts and to automate common analytical processes, reducing analyst time and avoiding repetitive incident response tasks.
Familiarity with industry standards such as OWASP Top 10, CVSS, CIS, NIST, etc.
Knowledge of networking protocols, operating systems, and cybersecurity principles.
Experience in proposing improvement actions and advanced SIEM configurations.
Experience with SIEM products (QRadar, McAfee, CryptoSIM, Splunk, Logsign, etc.) and SOAR products.
Deep knowledge of next-generation firewalls, IPS, WAF, EDR, XDR, SOAR, SIEM, and DLP solutions, in order to assess each technology's response.
Experience with SOC activities, quality evaluation and improvements.
Networking skills and experience, CCNA or equivalent.
Strong analytical and problem-solving skills, with attention to detail.
Good communication skills, both verbal and written.
Ability to work effectively in a team environment and collaborate with colleagues across different departments.
Willingness to work in a fast-paced environment and adapt to changing priorities.
Ethical mindset and commitment to maintaining the confidentiality and integrity of sensitive information.
We offer a permanent contract with an attractive compensation package.
Seniority level Associate
Employment type Full-time
Job function Information Technology and Management
Industries IT Services and IT Consulting and Business Consulting and Services