Beschreibung
Security Analyst (SIEM)As a Security Operations Analyst working within a SOC environment, you'll manage products, services, and systems to protect the organizations core assets and customers from security incidents, data leaks, and data breaches using SIEM tools. You will work closely with the delivery teams and other security teams to ensure that services are monitored and protected.
This role will be remote intially, however once things go back to normal suitable candidates will be expected on site in Berlin.
Role/Responsibilities:
- Define use cases, connect log sources, set up rules, correlations and alerts and document runbooks for Security Monitoring using SIEM
- Create technically detailed reports based on intrusions and events
- Maintain knowledge about past incidents and draw lessons learned to help security teams to handle and respond to future incidents.
- Support with incident response and assist in investigations
- Triage, support, resoution and escalation of security incidents
Experience:
- Experience with cloud technologies and security monitoring within cloud
- Excellent knowledge of the detection and defense of cyber attacks
- Knowledge with SIEM tools (preferrably LogRhythm, Sentinel or Splunk)
- Knowledge of at least one programming languages (e.g. Python, C# or Perl)
- Experience working within a Security Operations environment
Please note - Suitable caniddates MUST speak German