Security Ops Tier 2
My client, an exciting company that has experienced a massive amount of growth recently, is expanding its Security Operations Team.
If you have at least 3 years working in a SOC and feel like you are ready to make the next step, then this could be the role for you!
* Work with alerts from the Tier 1 SOC Analysts to perform in-depth analysis and triage of network security threat activity based on computer and media forensics, malicious code analysis, and protocol analysis.
* Assist with the development of incident response plans, workflows, and Standard Operating Procedures.
* Monitoring and management of SIEM infrastructure.
* Review and fine-tune false-positive incidents.
* Provide feedback and automate common recurring tasks.
* Develop and implement detection use cases.
* Leverage emerging threat intelligence (IOCs, updated rules, etc.) to identify affected systems and the scope of an attack.
* Troubleshoot scripts used for internal processes.
* Review vulnerability scans and send vulnerability assessment reports.
* Proactively research client network traffic and system activity, looking for security anomalies and suspicious activities.
* Perform Advanced Persistent Threat correlation between multiple security event sources such as firewall logs, threat intelligence feeds, AV, IDS, IPS, and EDR solutions.
* Strong problem-solving skills, critical thinking, excellent analytical ability, strong judgement, and the ability to deliver high performance and high levels of customer satisfaction in a matrix-managed environment.
* Experience with SIEM technology, preferably IBM QRadar
* Knowledge of devices such as firewalls, IPS/IDS, and routers/switches
* Security certifications (CISSP, CISM, GIAC certs) preferred
* ITIL V3 certified
* 2+ years of experience working in Security Operations Centre with a Security Incident & Event Management (SIEM) to correlate events across several devices.
* Strong understanding of network devices such as Intrusion Detection Systems (IDS)/Intrusion Prevention Systems (IPS), firewalls, network packet capture tools, and file integrity monitoring tools.
* Proficient knowledge in incident prevention, detection and response tools
* Knowledge of network and server security products, technologies, and protocols
* Requires a background in at least 2 of the following domains: hacking and incident response; network forensics; security engineering; security analysis and investigations
* Career progression
For more information, contact Peter Raine at Reperio Human Capital on 01 571 3000.
Reperio Human Capital acts as an Employment Agency and an Employment Business.