Senior Specialist/Engineer Service Operations (SOC)

at  SITA Switzerland Sarl

EXPERIENCE:

• Significant experience of working within a mature SOC organization or as a security threat analyst in an equivalent security environment.
• Experience in using SIEM technologies, endpoint protection response, IDS and other security technologies.
• Good understanding of system, and application logs from a variety of platforms, from firewall, domain controllers to IDS, etc.
• Good knowledge of threat intelligence data, IoC, threat actors, kill chain, etc.
• Having experience in the penetration testing/ethical hacking field is a plus.
• Functional skills with regex, IDS signature, SPL and SQL is a plus.
• Skills in network analysis, sandboxing, malware reversing or forensic is an asset.
• Strong knowledge of vulnerabilities, CVE, 0day and their potential impacts.
• Ability to comprehend the priority on enabling the business, while working on security incidents mitigation/containment and possible impacts on the production environment.
• Strong customer/client focus, interact with a variety of stakeholders in a well-mannered, positive, and professional way, and building long-term relationships.

ABOUT THE ROLE & TEAM:

As Senior Cyber Security Analyst, you will work within the Security Operation Centre in evaluating risks, conduct log analysis and act upon security threats across a complex and disperse IT estate.
You will carry out threat analysis and handling process to ensure the efficient and timely mitigation of security threats, as well as understanding the threats’ risks and potential business impacts of both threats and mitigation measures. By leveraging the SIEM and the current security toolset, you are expected to investigate security issues and conduct root analysis, as well as resolving or escalating security incidents.

WHAT YOU WILL DO:

• Conduct comprehensive investigation on a wide variety of security events, recommend and implement remediation processes.
• Hunt for potential internal and external threats and developing detection mechanisms and reports.
• Perform and review threat detection use cases and fine tuning
• Work actively on evolving our threats detection and team efficiency by acting on noise and false positive.
• Handle security incidents in line with the incident response process
• Work with resolver groups to evaluate and recommend new security practices and solutions.
• Provide security advices and promoting security awareness to other IT teams and clients.
• Involve in the production of threat intelligence and IOC by leveraging threats information from past incidents, sandboxes reports, malware reversing and data forensic.
• Identify improvement areas in processes and/or tools to ensure highest level of quality
• Produce security incidents reports and recommendations.
  Qualifications: