Information Security Analyst (SOC L2)
Katowice, Silesian Voivodeship, Poland
‎19 godz. temu

Job Description

Eurofins is ramping up the Security Operations Center and has a need to extend the L2 incident resolvers team. The person working in L2 SOC team receives incidents escalated from L1 SOC, gets to manage the findings and work towards remediation of the incidents found.

He / she continuously operates the Security Incident process, driving the resolution of identified issues, as part of the team, bringing the necessary experience and expertise above the L1 SOC level.

The role is working in shift mode (24 / 7), after the initial ramp up period.

Specific Assignments :

The main responsibilities of an Information Security Analyst :

  • Monitoring and analysis of cyber security events with use of SIEM, IDS, EDR, antivirus, Internet Footprint tools, proxy solutions
  • Security Event Correlation as received from L1 SOC or Incident Response staff or relevant sources to determine increased risk to the business
  • Recognize potential, successful, and unsuccessful intrusion attempts / compromises thorough review and analysis of relevant event detail and summary information
  • Development and execution of SOC procedures
  • Educating and coaching the L1 colleagues.
  • Triage security events and incidents, detect anomalies, and report / direct remediation actions.
  • Ensure confidentiality and protection of sensitive data.
  • Analysis of phishing emails reported by internal end users for cases going above L1.
  • Working with remediation (IT Infra & Ops) teams on events and incident mitigation
  • Follow up on remediation activities
  • Other Assignments :

  • Support the SOC Manager in his duties (e.g. extension of SOC services to new sites).
  • Support L3 colleagues as required.
  • Qualifications

    Minimum of 2-3 years of professional experience as a SOC Analyst (L1 or L2), threat researcher or hunter or a similar comparable role dealing with incident handling, alert tracking, cybersecurity case management.

    Required :

  • Keen on further developing oneself in the information security world and the security operations.
  • Willing to work in shifts in 24 / 7 schedule (after the initial ramp up period).
  • Strong working knowledge of security-relevant data, including network protocols, ports and common services, such as TCP / IP network protocols and application layer protocols (e.
  • g. HTTP / S, DNS, FTP, SMTP, Active Directory etc.)

  • Experience and keen understanding of cybersecurity tools, including SIEM, IDS / IPS, antivirus and endpoint detection & response solutions.
  • At least 2 years of experience with security incident response.
  • Experience in developing and maintaining Play / Run-Books and / or Standard Operating Procedures in a SOC environment
  • Strong troubleshooting, reasoning, and analytical problem-solving skills
  • Ability to communicate technical details effectively in writing and verbally to junior IT personnel and management

    The position performs in a Threat Researcher role. The Analyst will use advanced network and host based tools that will proactively search through datasets to detect and respond to imminent and potential threats that evade traditional security solutions.

    Candidate should be capable of clear communications to varying audiences across the organization, in addition to seeking and building consensus where needed to achieve a strengthened security posture.

    Additional Information

    We can offer very attractive, multicultural and friendly work environment in fast-growing international company (more than 50 000 employees now), possibility to grow and make the next step in your professional career and self-development, long-term relationship and competitive salary package and bonus, medical and life insurance, possibility of remote working and flexible working hours.

    Zgłoś tę pracę

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Mój adres email
    Klikając przycisk "Kontynuuj", wyrażam zgodę neuvoo na przetwarzanie moich danych i wysyłanie powiadomień e-mailem, zgodnie z zasadami przedstawionymi przez neuvoo. W każdej chwili mogę wycofać moją zgodę lub zrezygnować z subskrypcji.
    Formularz wniosku