Cybersecurity Analyst (SOC Tier 2)

Your new company 

International well-known company is entering the Cracow market and establishing a Security Operations Center. The company is offering new job opportunities to specialists in the field of SOC operations. 

o Contract of employment 

o Hybrid working model (office 2x/week) 

Your new role 

Cybersecurity SOC Tier 2 analysts must be able to do the following:

o Correlate threat data from various sources to establish the threat/impact against the network.

o After assessment of the data, recommend appropriate countermeasures, facilitating tracking, preliminary handling of investigations, and reporting of all security events and computer incidents.

o Remediation actions and apply lessons learned to security incident investigation and resolution

o Perform monitoring, identification and resolution of security events to detect threats through analysis, investigations and prioritization of events based on risk/exposure

o Develop processes which analyse data, producing accurate, meaningful, easily interpreted results based on user requirements and use cases

o Develop processes which align with enterprise incident response activities and coordinate closely with other teams within the Security Operations Center

o Create custom tool content to enhance capabilities of security operations teams

o Manage the collection, documentation and research of security events generated by the SOC monitoring platform and infrastructure

o Provide support to Security Incident Management aligned with NIST standards

What you39ll need to succeed 

Technical writing experience:

o  Standard Operating Procedures

o  Runbooks/Playbooks

o  Incident Response Plans

o  Support training develop with both analysts and tabletop exercises

o  Assist or lead the effort in Tool configuration and content creation

Qualifications:

o  experience on one of the following team(s): Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC)

o Degree in Computer Science, Information Technology, or equivalent work experience

o  Experience supporting Cybersecurity Operations in a large enterprise environment

o  Experience with Incident Response, analysis of network traffic, log analysis, ability to prioritize and differentiate between potential intrusion attempts and false alarms, managing and tracking investigations to resolution

o  Experience with SIEM & Log Management solution

o Familiarity with one of the following; NIST Incident Response Lifecycle, Cyber Kill Chain, Adversarial Tactics, Techniques & Common Knowledge (ATT&CK) Metrics

o  CCNA Security, GCIA, GCIH, CYSA+, Security+ or other related security certifications

o At minimum there must be one active security certification

Experience with one or more of the following tools:

o  Qradar SIEM/Cortex XSOAR

o  SentinelOne

o Proofpoint Email

o Azure Suite

o  Zscaler

Working Hours

o  8am – 6pm local time- 4 days per week

o  2 days office x 2 days home office

o  Contract of employment 

What you need to do now 

If you39re interested in this role, click 39apply now39 to forward an up-to-date copy of your CV, or call us now.

Hays Poland sp. z o.o. is an employment agency registered in a registry kept by Marshal of the Mazowieckie Voivodeship under the number 361.