Security Operations Center (SOC) Analyst

Position Summary

This position manages and monitors cybersecurity events, performs incident responses and security analysis. Candidates will possess strong technical analytical skills while providing accurate analysis of security-related problems. They have a well–rounded networking background and are responsible for performing extensive troubleshooting of issues in the SOC. The individual is user focused and works to resolve user needs in a timely manner. These needs involve resolving hardware/software failures, investigating and responding to security threats, and making change requests to the security policy of devices.

● Monitor the SOC tools for security events.
● Log collection, incident and threat detection
● Threat hunting
● Evidence collection, threat and risk management
● Document and maintain a knowledge base of alarms (false positives and false negatives, blacklists, whitelists) that IDS and IPS encounter.
● Review security-related events, assessing severity, criticality and priority
● Serve as work area experts for security/information assurance policy recommendations.
● Gather intelligence from sources outside the SOC (both internal and external sources) and leverage for operations.
● Ensure security events and incidents are detected and escalated in a timely manner.
● Provide analysis and investigation to determine if alerts or security events warrant incident classification

Role and Responsibilities

• 10+ years of related experience in the area of work
• Masters/Bachelor’s degree in Computer Science or equivalent experience relevant to network security with relevant industry certifications.
• Background in networking or security to include intrusion detection/prevention.

• Strong English communication skills – written, verbal and speaking; French is an asset.
• Information security threats and vulnerabilities.
• Minimum 6 years in SIEM (Security Information and Event Management) and anomaly detection tools.
• Minimum 6year of experience in Threat hunting
• Minimum 6 year in SOAR
• Use network investigation tools to identify vulnerabilities.
• Cybersecurity incident response and handling.
• Knowledge security best practices for AWS services : IAM, Cloud Trail, GuardDuty,
• Minimum 6 years’ experience with AWS

Nice to haves

• A Plus: Security +, SSCP and other technical security certifications (e.g. Information Systems Security Architecture Professional, Information Security Engineering Professional, Certification and Accreditation Professional, or equivalent certifications).
• Knowledge or experience using ‘Slack’, ‘G-Suite’ and ‘AWS’ .

Skills and Qualifications

* Please visit Samsung membership to see Privacy Policy, which defaults according to your location. You can change Country/Language at the bottom of the page. If you are European Economic Resident, please click here.