Randstad HR Solutions, on behalf of MBDA Italy, is looking for a SOC Analyst.
The SOC Analyst will work collaboratively to detect and respond to information security incidents, maintain and follow procedures for security event alerting, and participate in security investigations. The SOC Analyst will perform tasks including monitoring, research, classification and analysis of security events that occur on the network or endpoint.
The SOC Analyst should have familiarity with the principles of network and endpoint security, current threat and attack trends, and have a working knowledge of security principles such as defense in depth.
The SOC Analyst must be competent to work at a high technical level and be capable of identifying threats, and threat vectors that cause security events.
The resource will take care of the following activities:
- Provide effective support for Security Operations Manager and assist in operational activities and delivery of project work when required;
- Carry out Network Investigations, covering Alerts and Critical Security Changes;
- Carry out technical analysis, interpretation and investigation activity;
- Evaluate situations in order to identify the root cause and develop solutions that mitigate the risk;
- Plan, control and deliver remediation and closure of IT Security Events;
- Engage with the wider IM organisation to develop Security Reporting and alert services;
- Develop an established baseline of network activity to enable identification of inconsistent behaviour patterns;
- Communicate and document security recommendations based on observed patterns and trends, to ensure all solutions continue to be relevant in an evolving threat landscape;
- Stay up to date on security technologies, emerging threats, and security and vendor alerts;
- Maintain the primary Security Operations toolsets, ensuring their availability, functionality and feature sets are updated regularly;
- Conduct research into IT security issues and products as required;
- Carry out risk assessments on current infrastructure and services;
- Provide action plans to overcome risks;
- Utilise monitoring technologies to understand and interpret log, information and real-time event activity to ensure the integrity of the environment;
- Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures).
The candidate must meet the following requirements:
- 5 years' experience with SIEM systems;
- 5 years minimum experience in the information security field;
- 5 years' experience with security detection tools (EDR, IDS/IPS, etc.);
- A career background in Information Security;
- Security awareness in all areas of IT, with the primary being Network Security Infrastructure and the secondary being Operating Systems and Applications;
- Knowledge of IT Security best practices;
- Demonstrable understanding of the OSI Reference Model and the network communication protocols, including but not limited to DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S;
- Proven experience with Security Information and Event Management (SIEM) tools and/or network packet capture tools;
- Strong analytical experience and mind-set;
- Experience with defensive cyber-attack methodologies and frameworks;
- Understanding of Malware capabilities, attack vectors, propagation and impact;
- Good communication skills liaising with the business and suppliers.