SOC Analyst

SOC Analyst
Role
We are looking for a SOC Analyst to join our Cyber Defense Center. He/She will be in charge to protect group by detecting and responding to cyber incidents. Security threats have increased drastically in the last few years and organizations are facing an increasingly complex threat landscape. He/She will have the opportunity to work with a highly dynamic and motivated team and a high level of security solutions.
The SOC Analyst will report to the SOC Manager. 
ResponsibilitiesAs a SOC Level 2 Analyst within the Cyber Defense Center, you will:1. Protect the group:

• Participate in a 24x7 Security Operation Center (SOC) environment following the sun
• Analyze, contextualize and monitors the security alerts from different and advanced security platforms;
• Effectively troubleshoot and investigate security events, communicate findings, and escalate concerns to staff as directed;
• Process and manage requests for various security services such as responding to security inquiries from affiliates/ stakeholders, reviewing malicious/suspicious files;
• Provide Incident Response (IR) support when analysis confirms an actionable incident;

2. Contribute to continuous improvement of SOC posture:

• Tuning of SOC Use Cases;
• Design, maintain and continuous improve SOC playbooks, SOC standard operating procedures (SOP), processes and guidelines;

3. Learn, grow and develop on the Blue team:

• Participate to hunting sessions with our CTI team
• Participate to Incident Response simulation
• Collaborate and works closely SOC RUN Lead towards the continuous improvement of the service;
• Support Lead, Manager in various tasks and projects

These activities are non-exhaustive and can evolve according to operational needs. 
ProfileYou profile corresponds to the following criteria: • Bachelor's degree in Computer Science, Computer Engineering, IT Security, or a related field; alternatively, equivalent demonstrated knowledge.
• Highly technical with at least 3 years of relevant experience as an analyst in IT Security or SOC.
• Experience with Security Operations Center, network event analysis and/or threat analysis
• Knowledge of various security methodologies and technical security solutions.
• Experience analyzing data from cybersecurity monitoring tools such as SIEM / SOAR platforms, host and network logs, firewall and IPS/IDS logs and email security gateway.
• Knowledge of commonly accepted information security principles and practices, as well as techniques attackers would use to identify vulnerabilities, gain unauthorized access, escalate privileges, and access restricted information.
• Strong understanding of security operations concepts: perimeter defense, endpoint management, data leak prevention, kill chain analysis and security metrics.
• Knowledge of the common attack vectors on various layers.
• Knowledge and experience working with the Cyber Kill Chain Model, MITER Telecommunication & CK Matrix.
• Experience in the transport/shipping/logistics is a plus.

QualitiesYou also possess the following qualities:
• Highly motivated and willing to learn;
• Autonomy and proactive behavior;
• Great understanding of the device's security logs;
• Analysis and synthesis capacity;
• Strong ability to work and interact with management, business customers, functional & technical oriented teams;
• Discretion with regard to sensitive matters

Work Arrangement• Hybrid
• Night/mid/rotation
• Work equipment provided

---