SOC Analyst
Responsibilities:
- Security Monitoring and Response: Perform real-time proactive security monitoring, detection and response to security events and incidents from the various SOC entry channels (SIEM, Tickets, Email and Phone).
- Incident Categorization: Categorize and assist with resolution of incoming security events and raise necessary incidents after a thorough quality check of the event data.
- Incident Analysis: Conduct thorough checklist-based investigation of security events generated by detection mechanisms such as SIEM, IDS/IPS, AV, EDR.
- Incident Escalation: Based on the security incident severity, escalate to service support teams, Tier 2 information security specialists, and/or customer as appropriate to perform further investigation and resolution.
- Incident Resolution: Work independently or closely with Tier 2 and core support, providing adequate information about incidents required for resolution.
- Incident Management: Participate in security incident management and vulnerability management processes.
- Operational Improvements: Recommend enhancements to SOC processes & procedures.
- Documentation: Ensure clear and concise documentation of analyzed security incidents adhering to SOC internal documentation guidelines.
- Optimization: Provide input on tuning and optimization of security systems and correlation rules (e.g. whitelist requests).
Requirements:
- University degree in Information Security / Computer Science / Information Technology.
- Previous experience as a Security Analyst or in a similar position.
- Broad awareness of cybersecurity events, threats and actors, including trends and emerging systemic risks, MITRE ATT&CK, MITRE D3FEND.
- Understanding of basic security principles, including malware and threats.
- Good understanding of Operating Systems, Virtualization technologies, Network Devices, Cloud computing concepts, Web Proxies, Firewalls, Intrusion Detection/Prevention Systems, Antivirus/EDR Systems, Data Loss Prevention, Vulnerability Assessment tools, PCI DSS, ISO 27001.
- Strong understanding of security incident management and response, malware management and vulnerability management processes. Knowledge of TCP/IP Protocols, network analysis, network/security applications and common Internet protocols and applications.
- Demonstrable hands-on skills with the Microsoft Defender suite, Azure, Sentinel, Splunk.
- Excellent English language knowledge, proficiency in Microsoft Office Applications, case management and ticketing systems.
- Good communication skills, result-oriented, high sense of responsibility, precision.
- Excellent verbal and written English: Required for communication across our international locations.
We offer:
- Monthly gross salary from 2000 to 3700 EUR, depending on your level of expertise.
- Hybrid working with a cozy office space in the center of Riga when needed, and flexible working hours based on your own preferences.
- Family-oriented company values and a healthy attitude towards work-life balance, including 4 additional vacation days, birthday leave, a "Happy Land" space in the office for children, etc.
- Individual development and learning plan, including yearly budget for external training.
- Health insurance covering the essentials, with dental services and sports coverage.
- Opportunity to work in a positive team environment built on mutual trust, to be creative and to improve workflows through your own initiatives.
- Friendly, multicultural and cooperation-oriented colleagues.