Description
SOC Security Analyst - ArcSight, SIEM, CISSP, Firewalls, End Point Security is required by my client. The role is Paris based but there will be opportunity to work from home.
Skills and background:
MUST HAVE
2 years' experience working in a SOC
2 years' experience working with ArcSight as an security analyst
2 years' experience working as a security analyst
The profiles are expected to have the following background:
- Experience in information security domain 7 years
- Experience in network and/or Firewall engineering, system administration, design and implementation or related field 5 years
- Experience in security analysis and SIEM content development 3 years
- Experience in penetration testing 2 years
- Work experience in a global organization 3 years
- Profiles are expected to have the following skills:
- Deep information security expertise
- Excellent knowledge of one of the SIEM products
- Knowledge of network technologies, Windows and Unix administration
- Knowledge of typical security devices such as Firewalls, intrusion detection systems, AV and End Point security, Web Application Firewalls, anti-spam systems, event correlation systems, etc.
- Understanding of security threats, attack scenarios; analysis and intrusion detection skills
- Excellent analytical skills and out-of-the box thinking
- Excellent communication capabilities
- Team player
- Fluent in English
- Information Security and/or Information Technology industry certification (GIAC, CISSP or equivalent) strongly preferred
Role Responsibilities:
- Provide superior technical security expertise to ensure that the Security Operations Centre (SOC) is delivering a professional service to its customers
- Conduct detailed analytical queries and investigations, identify areas that require specific attention, identify indicators of compromise (IOC) or events of interest (EOI) that need further investigation and develop use cases and rules to be developed into the SIEM platform
- Develop and improve Security Information and Event Management (SIEM) content and all other technologies used in the team, continually refining the rules and logic to make the detection capabilities more efficient and effective
- Create and enhance internal processes and procedures
- Professional communications and reporting to SOC stakeholders and customers
- Act as a mentor to all First Level Security Analysts in India, support and supervise them, ensure knowledge transfer within the team
- Deliver qualified information about actual threats and indications, recommendations how the associated risk can be mitigated
- Contribute to the overall performance and success of the Security Operations Centre
The profiles will work on the following tasks:
- Build on and continuously improve SOC analytics framework
- Ensure effective operation of SIEM content: filters, rules, expressions and other identification mechanisms of the threat and vulnerability management technologies used within the SOC
- Mentor and guide the First Level Security Analysts
- Provides professional data analysis within the SOC processes and to SOC customers in order to drive further security measures and risk mitigation activities.
- Responsible for execution and maintenance of SOC related analytical processes and tasks
- Detailed technical security reporting to my clients operating companies and appropriate stakeholders
- Work closely with other Information Security teams to ensure effective intrusion detection and incident response
- Continually maintain and improve technical capabilities through individual development activities, accreditations and certifications to remain constantly prepared to challenge the ever-evolving cyber threat
- Handover the activities to other internals
Mercator IT Solutions provides services as an agency and an employment business