My client is a global financial services company with offices in Dublin city centre. Due to the expansion of their SOC operation in Dublin, they are seeking senior security engineers to join the team.
The candidate will join a team currently responsible for providing first-level triage (investigative response) for security events, including but not limited to intrusion detection, malware infections, denial-of-service attacks, privileged account misuse and network breaches.
The overall team scope within the security event lifecycle includes:
• Confirming event collection, enrichment, and correlation, and escalating issues to a separate SIEM engineering team
• Triaging alerts to eliminate false positives, including analysis of network data (e.g., packets, logs) and endpoint data (e.g., logs, malicious artefacts) using both structured and unstructured methods.
• Triggering standard detective and corrective responses
• Escalating impactful security incidents and providing investigative support to other Security Operations teams, such as Incident Management and Forensics Response teams
• Working with business application and infrastructure owners to expand the coverage of the security monitoring service based on business use cases or changes in the threat landscape.
• Providing feedback to security control owners to help tune systems based on the results of triage and investigations.
• Improving the service level for security operations and monitoring, and creating and maintaining system documentation for security event processing.
• Designing test logic that synthetically validates that security tools are properly instrumented and that detection use cases are configured to alert as expected.
• Providing reporting and metrics around security monitoring by designing dashboards for asset owners and management consumption.
The role requires:
• A bachelor's degree in computer science or a related discipline, or equivalent work experience (advanced degree preferred); 5-10 years of experience in information security or a related technology field; experience in the securities or financial services industry is a plus.
• Strong verbal and written communication skills, including the ability to provide technical thought leadership on security incident investigation calls with other technology teams, and the ability to translate complex technical concepts into plain English for consumption by non-technical audiences
• Fundamental understanding of application protocols (HTTP, DNS, FTP, etc.) and networking protocols (TCP, UDP, ARP, ICMP, etc.), and comfort analysing packet capture (pcap) files in tools such as Wireshark
• Understanding of network, desktop and server technologies, including experience with network intrusion methods, network containment and segregation techniques, and technologies such as Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
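To make the synthetic validation and false-positive triage duties above concrete, here is an added illustration (not code from the posting or the employer) of the kind of test logic a SOC engineer writes for one detection use case: a failed-logon brute-force rule is run over constructed log lines, once with a synthetic attack injected (the rule must alert) and once with benign noise only, including a just-below-threshold burst and a malformed line (the rule must stay quiet). The log format, field names, threshold, window and addresses are assumptions chosen for the example.

```python
"""Synthetic validation of a SOC detection use case (added example).

Assumed syslog-like line format, not any real product's format:
  "<ISO timestamp> auth: <FAILED|SUCCESS> user=<name> src=<ip>"
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

LINE_RE = re.compile(
    r"^(?P<ts>\S+) auth: (?P<result>FAILED|SUCCESS) user=(?P<user>\S+) src=(?P<src>\S+)$"
)
THRESHOLD = 5                 # assumed tuning: 5 failures ...
WINDOW = timedelta(minutes=2)  # ... from one source within 2 minutes


def parse(line):
    """Return the event fields as a dict, or None for a line the rule cannot read."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ev = m.groupdict()
    ev["ts"] = datetime.fromisoformat(ev["ts"])
    return ev


def detect_bruteforce(lines, threshold=THRESHOLD, window=WINDOW):
    """Alert when one source IP produces >= threshold FAILED logons inside the window.

    Lines are processed in the order given; a sliding window of failure
    timestamps is kept per source, and a burst yields exactly one alert.
    """
    alerts = []
    failures = defaultdict(deque)  # src -> timestamps of recent failures
    for line in lines:
        ev = parse(line)
        if ev is None or ev["result"] != "FAILED":
            continue  # unparseable lines are skipped here; production should count them
        q = failures[ev["src"]]
        q.append(ev["ts"])
        while q and ev["ts"] - q[0] > window:
            q.popleft()  # drop failures that fell out of the window
        if len(q) >= threshold:
            alerts.append({"rule": "auth_bruteforce", "src": ev["src"],
                           "count": len(q), "last_seen": ev["ts"].isoformat()})
            q.clear()  # one alert per burst, then start counting again
    return alerts


# Constructed benign traffic: a 4-failure burst (just below threshold), five
# failures spread over hours, successes, and a malformed line.
BENIGN_LOGS = [
    "2024-05-01T08:55:00 auth: SUCCESS user=alice src=10.0.0.5",
    "2024-05-01T09:00:00 auth: FAILED user=bob src=10.0.0.7",
    "2024-05-01T09:00:15 auth: FAILED user=bob src=10.0.0.7",
    "2024-05-01T09:00:30 auth: FAILED user=bob src=10.0.0.7",
    "2024-05-01T09:00:45 auth: FAILED user=bob src=10.0.0.7",
    "2024-05-01T09:01:00 auth: SUCCESS user=bob src=10.0.0.7",
    "2024-05-01T09:30:00 auth: FAILED user=carol src=10.0.0.5",
    "2024-05-01T10:00:00 auth: FAILED user=carol src=10.0.0.5",
    "2024-05-01T10:30:00 auth: FAILED user=carol src=10.0.0.5",
    "2024-05-01T11:00:00 auth: FAILED user=carol src=10.0.0.5",
    "2024-05-01T11:30:00 auth: FAILED user=carol src=10.0.0.5",
    "malformed line that the parser must skip",
]


def synthetic_attack(src, start="2024-05-01T09:05:00", n=6, spacing_s=10):
    """Generate n FAILED logons from src, constructed events rather than real telemetry."""
    t0 = datetime.fromisoformat(start)
    return [
        f"{(t0 + timedelta(seconds=i * spacing_s)).isoformat()} auth: FAILED user=svc{i} src={src}"
        for i in range(n)
    ]


def validate_use_case(attacker="203.0.113.9"):
    """Synthetic validation: the rule must fire on the injected attack and only on it."""
    combined = sorted(BENIGN_LOGS + synthetic_attack(attacker))  # ISO prefixes sort by time
    alerts = detect_bruteforce(combined)
    return {
        "attack_alerted": any(a["src"] == attacker for a in alerts),
        "benign_quiet": all(a["src"] == attacker for a in alerts),
    }


if __name__ == "__main__":
    print(validate_use_case())
```

A harness like this is typically run on a schedule against the live pipeline (injecting the synthetic events at the collection point rather than calling the rule directly), so that a broken log source, a silently changed parser or a mistuned threshold shows up as a failed validation rather than as a missed incident.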
If you are interested in the Security Engineer (SOC) role, please click on apply now or contact Ian Donnelly on 016621000.