Senior SOC Analyst

About Us:

Award - The Best FinTech Trading Platform of The Year 2019.

Zeal group of companies (collectively Zeal Group) is a business portfolio of the parent company Zeal Holdings Limited, comprising regulated financial institutions and fintech companies specializing in multi-asset liquidity solutions in regulated markets backed by proprietary technology.

We are a people focused business and our team of 500+ professionals globally are dedicated to maximizing the success of our employees and customers. Headquarter is located in the UK with global presence in 12 countries across Asia, Middle East, & Europe with 22 offices internationally.

The estimated monthly trading volume in an average of USD 100B executed by 100,000 retail investors, professional traders, and financial institution clients.

Job Description:

Principal Accountabilities

• Security events monitoring tools administration
• Participation in security incident investigations
• Proactive detection of anomalous activity and security incidents in  IT infrastructure
• Participation in the vulnerability discovery process (scanning, analysis of discovered vulnerabilities)

• New security monitoring tools research and development
• Installation support and content development (dashboards, alerting, etc) for Elastic Infrastructure
• Participation in Security team’s project activities
• Conducting periodic tests/exercises to respond on security incidents
• Connection to the SOC’s tools of new log sources, the development of the necessary processes and instructions for Cloud infrastructure

• Operational reporting on suspicious activity
• Develop in cooperation with other teams alerts, rules and monitoring automation solutions
• Automation of alerts
• Deliver SOC and SIEM solutions
• Participate actively and support company security driven projects and initiatives in terms of Security monitoring and automation

• Create best practices for SOC tools in terms of their implementation across all IT functions, setup and support security quantitative KPIs in terms of Security monitoring and awareness of activities
• Continuous improvement of Security events monitoring
• Budget management in terms of SOC field of responsibility within Information Security function
• Vendor assessment and comparison
• Contribute to the management of the Security tools development direction and roadmap of security tools, investigate technologies, run proof of concepts and testing

• Build and manage the on boarding of new security tools to SIEM (Security Incident & Event Management), infrastructure processes and SOC (Security Operations Centre)
• Support for internal documentation (standards, manuals, descriptions, etc.).

Key Competencies & Qualifications

• 3+ years of working experience on the same functional level
• Solid technical and knowledge in Information Security
• Expert knowledge and expertise with SIEM systems at the administrator level
• Python programming skills

• Knowledge in the area of modern techniques for exploiting the vulnerabilities of applications, information systems and networks
• ITIL knowledge (change control process, change management, problem/incident management, procedures, guidelines, etc)
• Understanding of the methods, techniques and procedures used at different stages of the development of complex attacks
• Understanding network security
• Information security principles for business applications practical knowledge is a plus

• Experience and skills in Unix and Windows administration, basic system utilities and functions
• Strong skills and experience with such data formats as Syslog, XML, JSON
• Team player with energy and a desire to progress in a fast moving, demanding and progressive environment
• Project management skills, vendor management
• Ability to thrive under stressful situations

• English language is a must
• Strong knowledge in building correlations with such information security tools and systems (for understanding logs and building correlations) like: Antivirus, Endpoint detection and response, Firewalls, Vulnerability scans, Remote access technology, VPN gateways, Cloud infrastructure.
• Expert knowledge in identification and evaluation of indicators of compromise (IOC) associated with malicious code and malware
• Ability to work with several tasks at the same time
• Team player with energy and a desire to progress in a fast moving, demanding and progressive environment

• Project management skills, vendor management
• Ability to thrive under stressful situations
• English language is a must

Benefits:

• Bonus structure for each job role
• Relocation to Cyprus with all the necessary support for you and your family
• Gesy insurance and Private medical insurance for employee and family members
• Paid rental car, gym, school for kids and annual training allowance for you
• Quarterly team building and yearly events to get to know each other better
• Paternity & Maternity gift