Cybersecurity Analyst

SOC, Cybersecurity Analyst, CERT, CIRT, CSIRC

Your new role

Cybersecurity SOC Tier 2 analyst must be able to do the following:

• Correlate threat data from various sources to establish the threat/impact against

the network.

• After assessment of the data, recommend appropriate countermeasures,

facilitating tracking, preliminary handling of investigations, and reporting of all

security events and computer incidents.

• Remediation actions and apply lessons learned to security incident investigation

and resolution

• Perform monitoring, identification and resolution of security events to detect

threats through analysis, investigations and prioritization of events based on

risk/exposure

• Develop processes which analyzes data, producing accurate, meaningful, easily

interpreted results based on user requirements and use cases

• Develop processes which align with enterprise incident response activities and

coordinate closely with other teams within the Security Operations Center

• Create custom tool content to enhance capabilities of security operations teams
• Manage the collection, documentation and research of security events generated

by the SOC monitoring platform and infrastructure

• Provide support to Security Incident Management aligned with NIST standards

What you39ll need to succeed

Technical writing experience:

• Standard Operating Procedures

• Runbooks/Playbooks

• Incident Response Plans

• Support training develop with both analysts and tabletop exercises

• Assist or lead the effort in Tool configuration and content creation

Qualifications :

• experience on one of the following team(s): 

Computer Incident Response Team (CIRT), 

Computer Emergency Response Team (CERT), 

Computer Security Incident

Response Center (CSIRC) or a Security Operations Center (SOC)

• Degree in Computer Science, Information Technology, or equivalent work experience

• Experience supporting Cyber Security Operations in a large enterprise environment

• Experience with Incident Response, analysis of network traffic, log analysis, ability to

prioritize and differentiate between potential intrusion attempts and false alarms,

managing and tracking investigations to resolution

• Experience with SIEM & Log Management solution

• Familiarity with one of the following; NIST Incident Response Lifecycle, Cyber Kill Chain,

Adversarial Tactics, Techniques & Common Knowledge (ATT&CK) Metrics

• CCNA Security, GCIA, GCIH, CYSA+, Security+ or other related security certifications

• At minimum there must be one active security certification

Experience with one or more of the following tools:

• Qradar SIEM/Cortex XSOAR

• SentinelOne

• Proofpoint Email

• Azure Suite

• Zscaler

Working Hours

• 8am – 6pm local time- 4 days per week

• 2 days office x 2 days home office

• Contract of employment

What you need to do now

If you39re interested in this role, click 39apply now39 to forward an up-to-date copy of your CV, or call us now.

Hays Poland sp. z o.o. is an employment agency registered in a registry kept by Marshal of the Mazowieckie Voivodeship under the number 361.

Well done! Good to go.