SOC Analyst

Responsibilities:

  • Security Monitoring and Response: Perform real-time proactive security monitoring, detection and response to security events and incidents from the various SOC entry channels (SIEM, Tickets, Email and Phone).
  • Incident Categorization: Categorize and assist with resolution of incoming security events and raise necessary incidents after a thorough quality check of the event data.
  • Incident Analysis: Conduct thorough checklist-based investigation of security events generated by detection mechanisms such as SIEM, IDS/IPS, AV, EDR.
  • Incident Escalation: Based on the security incident severity, escalate to service support teams, Tier 2 information security specialists, and/or customer as appropriate to perform further investigation and resolution.
  • Incident Resolution: Work independently or closely with Tier 2 and core support, providing adequate information about incidents required for resolution.
  • Incident Management: Participate in security incident management and vulnerability management processes.
  • Operational Improvements: Recommend enhancements to SOC processes & procedures.
  • Documentation: Ensure clear and concise documentation of analyzed security incidents adhering to SOC internal documentation guidelines.
  • Optimization: Provide input on tuning and optimization of security systems and correlation rules (e.g. whitelist requests).

Requirements:

  • University degree in Information Security/ Computer Science/ Information Technology.
  • Previous experience as a Security Analyst or in a similar position.
  • Broad awareness of cybersecurity events, threats and actors, including trends and emerging systemic risks; familiarity with MITRE ATT&CK and MITRE D3FEND.
  • Understanding of basic security principles, malware, and threats.
  • Good understanding of operating systems, virtualization technologies, network devices, cloud computing concepts, web proxies, firewalls, intrusion detection/prevention systems, antivirus/EDR systems, data loss prevention, and vulnerability assessment tools; familiarity with PCI DSS and ISO 27001.
  • Strong understanding of security incident management and response, malware management and vulnerability management processes. Knowledge of TCP/IP Protocols, network analysis, network/security applications and common Internet protocols and applications.
  • Demonstrable hands-on skills with the Microsoft Defender suite, Azure, Microsoft Sentinel, and Splunk.
  • Proficiency in Microsoft Office applications, case management and ticketing systems.
  • Good communication skills, result-oriented, a high sense of responsibility, and precision.
  • Excellent verbal and written English: Required for communication across our international locations.

We offer:

  • Monthly gross salary from 2000 to 3700 EUR, depending on your level of expertise
  • Hybrid working, with a cozy office in the center of Riga when needed, and flexible working hours based on your own preferences.
  • Family-oriented company values and a healthy attitude towards work-life balance: 4 additional vacation days, birthday leave, a "Happy Land" space in the office for children, etc.
  • Individual development and learning plan, including yearly budget for external training.
  • Health insurance, including dental services and sports coverage.
  • A positive team environment built on mutual trust, with room to be creative and to improve workflows on your own initiative.
  • Friendly, multicultural and cooperation-oriented colleagues.