SOC Analyst (m/f/d)

at Raisin GmbH

1BK, Kreuzberg, Germany

Start Date: Immediate
Expiry Date: 24 Jun, 2024
Salary: Not Specified
Posted On: 26 Mar, 2024
Experience: 4 year(s) or above
Skills: Good communication skills
Telecommute: No
Sponsor Visa: No

Description:

TEAM

  • The Information Security Team at Raisin enables the Raisin business to mitigate information security events and incidents in a timely fashion
  • Work with various teams to protect the infrastructure, data and assets within the company
  • Operate as a member of Security team, building and maintaining internal security controls to protect operations
  • Manage and own resources throughout the investigation, remediation and reporting of security incidents
  • Provide support to respond to cyber security incidents using the Cyber Kill Chain and NIST framework
  • Prepare and test the incident management process and ensure the correctness of implemented controls
  • Manage SIEM capabilities, correlate and build dashboards, alerts and workflows for monitoring and remediating incidents
  • Identify and report key metrics and KPIs to measure the success of the SOC
  • Incident response experience in cloud environments, preferably AWS
  • You will independently manage and build this process

ABOUT US

Raisin is the trailblazer in the savings and investment space. Founded in 2012, the fintech company started by opening the $95+ trillion deposits and investments market of the European Union, the United Kingdom and the United States to consumers. Today, Raisin serves more than one million customers in these three markets, offering savings products as well as investment and pension products. This makes the Berlin-based fintech one of the leading global savings and investments marketplaces. Savers get a wider choice of attractive products with the ability to move their money freely. In addition, financial service providers get best-in-class marketplace solutions for their customers, and banks get better access to retail funding. Raisin operates its own B2C marketplaces in Europe and the U.S. under the brands Raisin, WeltSparen and ZINSPILOT.
In Germany, the company offers ETF-based investment and retirement products, Private Equity and Crypto investments, and savings products. Raisin works with over 400 banks and financial service providers from over 30 countries. Raisin has €50 billion AuA and generated over €1 billion in interest for its customers worldwide. Raisin is backed by renowned international investors such as b2venture, Deutsche Bank, Goldman Sachs, Greycroft, Headline, Index Ventures, Latitude Ventures, Orange Ventures, PayPal Ventures, Top Tier Capital Partners, Ribbit Capital, Vitruvian Partners and M&G.
The company has offices in Berlin, Frankfurt, Hamburg, Madrid, Manchester, Munich and New York. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, or gender identity.

Responsibilities:

  • Experience in SOC monitoring, working knowledge of Splunk (preferable) or other SIEM tools like QRadar, LogRhythm, ArcSight, McAfee Nitro, and AlienVault USM Anywhere.
  • Active monitoring of Security events using SIEM (based on standard operating procedure).
  • Monitoring application and infrastructure security events and taking appropriate action based on security policy.
  • Perform detailed investigation on the alerts.
  • Creating new rules, correlations, Dashboards, reports on different SIEM tools to detect new threats.
  • Understand cyber-attack methods and analyze security logs to detect unauthorized behavior.
  • Experience in performing Root Cause Analysis for data from SIEM
  • Responsible for Incident Validation, Incident Analysis, Solution Recommendation
  • Review the correlation rules and define the improvement plan. Fine tune the system.
  • Stay current on IT security trends, intelligence and news.
  • Handling escalations from the Application Support team.
  • Review Process, Compliance, Reports, KPIs.
  • Familiarity with ITIL processes.
  • Experience in phishing email analysis.
  • Good understanding of Security devices like Firewall, IPS/IDS, Proxy, Email Gateway, WAF, Antivirus.
  • Experience in Cloud security, Threat Hunting, Threat Intelligence, Malware Analysis, Incident Response, Trend & Pattern Analysis, Machine Learning would be an added advantage.
  • Assist with the development, revision, and maintenance of Run books, Standard Operating Procedures/ Knowledge base and Working Instructions related to IT Security.
  • Monitor the health of data sources, check for all the tools and report any shortcomings immediately to the concerned team.
  • Knowledge of servers and networking, and good knowledge of cyberattacks and cyber threats.
  • Mitigate false positives and perform real-time analysis on all the integrated devices.
  • Understand vulnerabilities in OS, applications and network devices, and perform vulnerability assessments.
  • Analyze SIEM reports and prepare the daily/weekly/monthly and ad-hoc reports.
  • Monitor external event sources for threat intelligence and actionable incidents.
  • Document all activities during an incident and provide leadership with status updates during the life cycle of the incident.
  • Must comply with any regulatory requirements.


REQUIREMENT SUMMARY

Min: 4.0, Max: 9.0 year(s)

Information Technology/IT

IT Software - Network Administration / Security

Other

Graduate

Proficient

1

10997 Berlin-Kreuzberg, Germany