Job Description
We hunt, investigate and stop cyber threats before they become business disrupting events.
We were founded on the premise that if you can't find a solution, you build it.
Our culture is based on transparency, teamwork, and continuous innovation.
We protect the critical data and applications of 2000+ organizations in 80+ countries, across 35 industries from known and unknown cyber threats.
The Global Security Operations Centre (GSOC) delivers comprehensive security services to customers worldwide on a 24x7 basis, utilizing best-in-class tooling from both external vendors and internally developed technologies.
We are seeking a Tier II SOC Analyst to perform security analysis tasks across network, endpoint, log, and cloud security in a fast-paced and dynamic environment.
Responsibilities:
- Complete more complex high priority/escalated client support tickets
- Participate in Incident/Breach response investigations and deliver incident response reports and after-action reviews
- Work on various internal projects/initiatives
- Write or provide input to our Learning and Development team on KB Articles or training content
- Deliver training modules and conduct assessments with new hires
- Ongoing mentoring and coaching of Tier I Analysts
- Participate in Quarterly Service Reviews (QSRs) with our Customer Success Team
- Secondary review and approval of permanent signal filters, Global Denylist IP Nominations, and high priority client alerts
- Critical Event Reviews – performing secondary audits of selected signals and following up with analysts and clients as necessary
- Analyze incoming security signals in real time with a balance of accuracy and speed using a variety of forensic tools
- Apply investigative tools, techniques and procedures (TTPs), use your understanding of the security threats associated with the incoming signals and follow defined Runbooks to determine and execute the relevant actions
- Perform allowlisting/filtering of false positive signals
- Alert clients using defined templates and escalate high priority alerts to clients by phone
- Block malicious network traffic and isolate infected hosts on customers networks
- Add malicious IOC's to e Sentire's Global Denylist for all customers where appropriate
Requirements:
- Relevant degree in Computer Science, IT Security, IT Management, IT Support or related discipline
- 3+ years' full-time experience in a Security Operations Centre or similar Cyber Security Analysis role excluding time spent on an intern or work experience program
- Hands on experience in at least one of the following Security domains: Network Security including Intrusion Detection Systems (IDS), Windows Endpoint Security, SIEM/Log Management
- Knowledge and experience of network and endpoint security technologies, analytical mind with strong attention to detail and a commitment to quality of service
- Strong customer facing written and verbal communication skills with the ability to effectively communicate complex security concepts with end customers
We believe in rewarding performance and providing comprehensive benefits tailored to support your well-being.
We celebrate diversity, operating with mutual respect and consideration, in an environment that fosters inclusivity for all.