SOC L2 Analyst - Security Operations Centre Level 2 Analyst
| Job Title: | SOC L2 Analyst - Security Operations Centre Level 2 Analyst |
| Contact Name: | Jon Goodman |
| Job Published: | September 01, 2016 15:11 |
Our client is a leading consultancy providing Cyber Security Services to a number of global clients.
They require a Level 2 Security Operations Centre Specialist - so you will be responsible for the security monitoring & log analysis of multi-vendor security solutions.
You will also be responsible for responding to security incidents (malware infections, unauthorised access, malicious emails, DDoS attacks, etc.), together with evaluating the type, nature and severity of security events (security assurance/security compliance) through the use of a range of security event analysis tools. You will need to understand common security vulnerabilities and mitigation techniques.
You will also enhance and tune SIEM and NIDS rules to identify and react to security alerts whilst reducing false positives, and review threat intelligence and indicators of compromise - being the escalation point for Level 1 analysts.
Perform operational 'eyes on glass' real-time monitoring and analysis of security events from multiple sources including but not limited to events from SIEM monitoring tools, network and host-based intrusion detection systems, firewall logs, system logs (Unix & Windows) - Perform advanced diagnosis and remediation planning in response to security events & incidents - Analyse security event logs and alerts to determine validity, priority and impact against both security threat best practice countermeasures and client compliance obligations.
Security Industry certification such as GCIA, GCIH, GCFA, or GREM would be highly beneficial.
Operating out of a Security Operations Centre (SOC) in Zurich, Switzerland, you will work in a team of Analysts - this team will use state of the art SIEM, IDS/, NAC toolsets to perform log analysis and monitoring activity along with other security solutions to aid investigations of cyber incidents. Importantly, you will engage in appropriate incident response and corrective action as required or as set out in associated Service Level Agreements.
You will have at least 3 years of IT Security / Information Security experience, Malware Analysis, developing SIEM and NIDS rules, will have an advanced understanding of Unix/Linux, TCP/IP, Perl Scripting, and knowledge of incident / problem management frameworks - such as NIST or ITIL.
This role is based in Zurich, Switzerland - on a day rate contract - you'll be initially contracted for 12 months - but it is likely to be extended for a few years.
We have advertised the role at £400/500 per day (so in Swiss Francs, this would be CHF 522 - 650 per day).
Do call or email me to discuss.