Senior Information Security Analyst (SOC L3)

Company Description

Eurofins Scientific is an international life sciences company, which provides a unique range of analytical testing services to clients across multiple industries. The Group believes it is the world leader in food, environment, pharmaceutical and cosmetics products testing and in agroscience CRO services. It is also one of the global independent market leaders in certain testing and laboratory services for genomics, discovery pharmacology, forensics, CDMO, advanced material sciences and for supporting clinical studies. In addition, Eurofins is one of the leading global emerging players in specialty clinical diagnostic testing.

In 2018, Eurofins generated 4.2 billion Euro proforma turnover in 800 laboratories across 47 countries, employing about 45.000 staff.

Eurofins Technologies is a new International Business Line (IBL) within the Eurofins Group focused on the development, manufacturing and marketing of bioanalytical technologies and diagnostic test kits in particular. The business if primarily focused on solutions in Food Safety and Environmental Safety but has recently expanded into Animal Health and Clinical Diagnostics. Eurofins Technologies serves both external customers (industrial laboratories, governmental laboratories, service laboratories) as well as customers within the Eurofins Group.

Job Description

Eurofins is ramping up the Security Operations Center and has a need to extend the L3 incident resolvers’ team. The person working in L3 SOC team receives incidents escalated from L2 SOC, gets to manage most complex findings and work towards remediation of the incidents found.

He/she continuously operates the Security Incident process, driving the resolution of identified issues, as part of the team, bringing the necessary experience and expertise above the existing L2 SOC level.

Day to day basis

• Triage and deep investigation of cyber security events with use of SIEM, IDS, EDR, antivirus, Internet Footprint tools, proxy solutions
• Security Event Correlation as received from L2 SOC or Incident Response staff or relevant sources to determine increased risk to the business
• Recognize potential, successful, and unsuccessful intrusion attempts/compromises thorough review and analysis of relevant event detail and summary information
• Development and execution of SOC procedures
• Investigate and lead security incidents (IR lifecycle).
• Ensure confidentiality and protection of sensitive data
• Analysis of phishing emails reported by internal end users
• Working with remediation (IT Infra & Ops) teams on events and incident mitigation
• Host based forensics. (Knowledge of data acquisition and analysis using forensic tools)
• Network based forensics. (Ability to read and understand PCAP files)

Qualifications

Required

• Minimum of 3-5 years of professional experience as a SOC Analyst (L2 or L3), threat researcher or hunter or a similar comparable role dealing with incident handling, alert tracking or cybersecurity case management.

• Willingness to work overtime and adjust to reasonable demands from management in case of critical incidents being escalated to L3 for immediate handling
• Must have understanding of cybersecurity incident discovery and event management, network forensics, IPS/IDS, firewalls, content filtering technology, DLP, configuration management and monitoring, endpoint protection, database security, and log collection and analysis.
• Strong working knowledge of different attack vectors and attack types.
• Experience and keen understanding of cybersecurity tools, including SIEM, IDS/IPS, antivirus and endpoint detection & response solutions.
• Experience with leading security incident response
• Able to multitask and give equal and/or required attention to a variety of functions
• Ability to work independently and take ownership of projects and initiatives
• Excellent written and verbal communication skills required. Must be able to communicate technical details clearly
• Experience in developing and maintaining Play/Run-Books and/or Standard Operating Procedures in a SOC environment (Nice to have – Experience is a plus)
• Strong troubleshooting, reasoning, and analytical problem-solving skills
• Ability to communicate technical details effectively in writing and verbally to junior IT personnel and management 
• Team player with the ability to work autonomously

Preferred qualifications

• Involvement in threat intelligence and cybersecurity communities
   
• Experience in cybersecurity incident discovery and event management, network forensics, IPS/IDS, firewalls, content filtering technology, DLP, configuration management and monitoring, endpoint protection, database security, and log collection and analysis.