Senior SOC Analyst
Athens, Attica, Greece
The Senior SOC Analyst contributes to the execution of the 24x7 security event management procedures in SOC, and acts as Incident Commander during incident response.
The Senior SOC Analyst ensures that events escalated by junior analysts (L1) are addressed in a timely manner using the available case management mechanisms. Serves as detection authority for initial incident declaration and approves/performs further investigation of L1-escalated events utilising SIEM tools. Mentors L1 Analysts to improve detection capability and drives recommendations to customers for incident remediation. Contributes to the training of new analysts and evaluates analysts’ performance.
Interacts with the rest of the MSS teams, processing new security monitoring requirements and delivering internal tasks (new SIEM content and data reporting) to address customer requests or project plan deliverables in a timely and accurate manner. He/she is available to work flexible hours and may serve as a backup analyst for any potential coverage gaps to ensure business continuity.
- Bachelor's degree in Computer Science
- 3+ years’ experience in the information security industry with at least 2 years of experience in SOC operations
- Sound understanding of TCP/IP, networking protocols, familiarity with security events related to Windows/Linux OS, Active Directory, Firewalls, IDS/IPS, WAF, Web servers, Databases
- Foundational understanding of common attack methods and exploitation techniques, along with the detection and remediation strategies
- Strong understanding of adversary motivations and security operations concepts (network, host and application security, intrusion detection, malware analysis and other security events)
- Ability to read/analyse raw logs from Firewalls, hosts and other systems
- History of working under pressure and/or within various incident situations
- Excellent customer service, verbal and writing skills in both English and Greek
- Ability to quickly learn, absorb and apply new, job-related techniques, and to keep abreast of new IT ideas and directions
- Be a self-starter with the ability to multi-task and work within a high-performance team.
Desired requirements include:
- Experience with operations using a SIEM solution. Knowledge of MS Azure Sentinel, Arcsight or Splunk will be considered a plus.
- Knowledge of a Threat Hunting methodology
- Prior experience with operations using an EDR solution (e.g. Microsoft ATP) will be considered a plus.
- Master's degree in Information Security
- Industry certifications such as CISSP or GCIA
- Prior hands-on experience within a technical IT Security position (e.g. network/IT security engineer, penetration testing, technical advisor etc.)
- Dynamic and respectful environment – our people are the core of our business, we value each and every individual and support initiatives, promoting agility and work/life balance.
- Continuous coaching – work with passionate people and receive both theoretical as well as hands-on training
- Career development. Expand your career internationally and work alongside knowledgeable people from diverse cultures and backgrounds
- A competitive compensation package dependent upon your experience and qualifications. We’re focused on rewarding efforts. Our salaries and benefits package will keep you motivated throughout your career