Description
SOC, Splunk, Networking, Unix, Linux, Windows, IT security, Incident response, IOC
My client, a security and Splunk specialist consultancy based in London, is looking for SOC analysts for a global media company client. The engagement will be contracted out of London but based in Munich.
What you'll do
Responsible for analysing and investigating security-related logs against security threats and defined IoCs.
Conduct threat hunting activities to identify security threats and IoCs and recommend an action plan to minimise the impact of the threat
Ensure timely, accurate, tailored remediation and countermeasure communications to internal and external teams regarding intrusions and compromises to on-boarded host and network infrastructure, applications and operating systems
Assist on-boarded entities' CSIRTs with the implementation of countermeasures or mitigating controls
Make recommendations to improve operational effectiveness and efficiency within the GSOC Operations
Monitor and analyse advanced threat events, Security Incident and Event Management (SIEM) and User Behaviour and Analytics (UBA) toolsets and event logs to identify security indicators of compromise, attacks and threats for remediation and/or suppression
Assist in Computer Security Incident Response activities; work with various lines of security analysts (internal and external) to identify various malicious threats in the enterprise environment
Where necessary, ensure incidents are appropriately generated, prioritised in line with defined criteria and dispatched to the relevant on-boarded entities or local CSIRTs
Recognise potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information
Develop and write reports that analyse threats and IoCs, with impact and recommended actions
What we look for
Extensive experience in security operations, security analytics and hunting role
Extensive experience in Investigative or Incident Response environments
Excellent knowledge of Computer Networking and IT Security
Excellent knowledge of common operating systems (e.g. Windows, Linux and Unix)
Good knowledge of log and data analytics solutions such as Splunk, Exabeam, ELK or similar
Good oral and written communication skills in English
German language skills would be an advantage but not essential
Excellent knowledge of security solutions and technologies, including Linux; network architecture/implementation/configuration experience and knowledge of packet flow and TCP/UDP traffic; firewall technologies; proxy technologies; EDR; spam and spyware solutions (gateway and SaaS); malware/security experience
Strong host and network troubleshooting skills
Demonstrated ability to make decisions on remediation and countermeasures for challenging information security threats
Monitoring and collecting information on security incidents from large organisations.