Security Operations Centre Analyst - Splunk SOC

Brussels - Onsite

Description

Candidates in this role will provide advanced security event analysis, incident hunting and threat intelligence analysis activities. Candidates in this role must have excellent communication skills. Candidates will be required to participate in multiple intelligence communities and be able to disseminate pertinent information throughout the SOC.

- Part of the SOC team

- First point of escalation for the Tier 1 team

- Advanced analysis of security alerts escalated by the Tier 1 team, determination of the nature of the event, and escalation to the CIRT for incident response

- Hunting for suspicious or anomalous activity

- Analyze cyber threats and security intelligence feeds and extract relevant indicators of compromise

- Perform hunting activities based on IOC information

- Review and build new operational processes and procedures

- Provide rule development/tuning recommendations based on findings during investigations or threat information reviews

- Lead response activities for predefined low/medium priority incidents

- Support the creation and maintenance of a knowledge base

- Provide training and knowledge-sharing sessions to the SOC team

- Reporting activities

Qualifications

- 2+ years' prior experience in a similar position

- In-depth knowledge of TCP/IP

- Knowledge of systems communications from OSI Layer 1 to 7

- Experience with Systems Administration, Middleware, and Application Administration

- Experience with network and network security tool administration

- Experience with Security Assessment tools (NMAP, Nessus, Metasploit, Netcat)

- Good knowledge of threat areas and common attack vectors (malware, phishing, APT, technology attacks, etc.)

- Experience with log search tools such as Splunk, including the use of regular expressions and natural language queries

- Good logical and analytical skills to support the analysis of security events and incidents

- Ability to interact with staff, peers and customers on a technical and professional level

- Effective verbal and written communication skills

- Able to learn a lot in a limited period of time; self-study oriented

- Good analytical and problem-solving skills

Training and Certifications

- Basic College Degree or equivalent

- Nice to have:
  - CEH certification
  - SANS SEC504: Hacker Tools, Techniques, Exploits and Incident Handling training
  - Advanced Security Essentials - SEC501 (optional GCED certification)
  - Perimeter Protection In Depth - SEC502 (optional GCFW certification)

Languages: English mandatory (fluent)

Work location city: Belgium

Start date: Immediate
Duration: 6 Month Contract - Rolling
From: Next Ventures Ltd
Published at: 26.07.2017
Project ID: 1387193
Contract type: Freelance