Security Operation Center (SOC) Analyst

Security Operations Centre (SOC) Analyst Location: The Hague, the Netherlands Skills, knowledge, experience required:

• Experience as a Security Operations Centre Analyst;
• Minimum 1 year of experience in using, configuring, and tuning a security information and event management (SIEM) tool, ideally Splunk and/or ArcSight;
• Experience with a log management solution such as HP ArcSight Logger and/or Splunk or equivalent;
• Experience in writing and optimizing IDS signatures (preferably Snort and/or Suricata);
• Knowledge on:
• Network security solutions and technologies such as:
• Firewalls;
• Network intrusion detection systems (IDS);
• Intrusion prevention systems (IPS);
• Host-based security solutions:
• Host-based intrusion prevention systems (HIPS);
• Malware end-point protection;
• Operating system logs;
• Good knowledge on:
• MS Windows security events analysis;
• Security analysis of firewall, proxy, and IDS logs;
• Excellent analytical and critical thinking skills;
• Very good interpersonal skills with the ability to work well both independently and in a team;
• High degree of commitment and flexibility;
• High level of customer and service orientation;
• Ability to work effectively in an international and multi-cultural environment;
• Readiness to work in a 24/7 shift mode;
• Very good communication skills in English, verbally and in writing.

Duties/role:

• Experience in writing and optimizing YARA rules

Duties/role:

• Acting as the 1st line of response regarding a potential occurrence of a cyber-attack or security incident, supported by several automated tools such as IDS, log correlation engines and SIEM, ticketing system, and alerts and warning from internal and external sources;
• Receiving, triaging, and responding to alerts, requests, and reports;
• Analyzing events and potential incidents;
• Providing the primary support for Incident Responders;
• Assessing whether a security incident or the level of exposure of a vulnerability is a true or false positive, tagging the vulnerability or incident with an initial severity classification, and activating the corresponding incident response playbook entry;
• Following pre-defined procedures to perform technical tasks related to identity and access management (IAM).

VECTOR SYNERGY sp. z o.o., ul. Marcelińska 90, 60-324 Poznań, NIP PL7811857270, REGON 301575740, KRS: 0000369575 Rejestr Przedsiębiorców KRS prowadzony przez Sąd Rejonowy Poznań - Nowe Miasto i Wilda w Poznaniu, VIII Wydział Gospodarczy KRS, kapitał zakładowy wynosi: 73.852,80 złotych wpłacony w całości, TEL +48 616684500, FAX +48 616684501, www.vectorsynergy.com, info@vectorsynergy.com

Information :

• Company : Vector Synergy
• Position : Security Operation Center (SOC) Analyst
• Location : Den Haag
• Country : NL