SOC Analyst

Let’s build the future together!

This is a Porto-based hybrid opportunity – 3x from home per week

As a SOC Analyst, you will be working for our client – a leader in the financial industry, exemplifying innovation, agility, and unwavering commitment to its clients. You will be responsible for monitoring and analyzing the organization’s networks and systems on a daily basis to detect, identify, investigate, and mitigate potential threats.

Your main responsibilities:

• Lead detection, categorization, and investigation of security incidents. Ensure effective incident response plans and oversee remediation efforts
• Handle critical vulnerabilities by categorizing, managing, and ensuring follow-up actions
• Design and implement detection scenarios while promptly addressing associated alerts
• Contribute to refining correlation rules, conducting investigations, and enhancing Threat Intelligence capabilities
• Manage service requests using ticketing tools and analyze incidents to identify root causes and impacts
  Facilitate in-house knowledge transfer, and documentation, and consistently develop expertise in digital investigation techniques and tools

You’re ideal for the role if you have:

• 3+ years of experience in same area
• Comprehensive understanding of the Mitre Attack framework, adept at linking techniques and tactics to relevant countermeasures
• Proficient in utilizing information monitoring and analysis tools and methodologies
• Sound knowledge of security standards applicable to diverse technologies, including web servers, messaging systems, databases, DNS, proxy, and firewalls
• Specialized expertise in one or more areas:
•  Identifying and addressing web application vulnerabilities.
• Recognizing and handling various malware types (rootkits, ransomware, botnets, etc.).
• Familiarity with obfuscation and persistence techniques (cryptography, packing, etc.).
• Proficiency in digital investigation and analysis tools.
• Skill in analyzing behaviors within SandBox environments.
• Strong grasp of network and system architectures
• Familiarity with intrusion detection probes, event log correlation tools, and Security Information and Event Management (SIEM) principles
• Extensive experience with Splunk and Regex search syntax
• Proficient experience with the theHive platform
• English: B2
• French: B1

#GETREADY to meet with us!

We would like to meet you. If you are interested please apply and attach your CV in English or Portuguese, including a statement that you agree to our processing and storing of your personal data. You can always also apply by sending us an email at cv-recruitment@itdsportugal.com

Internal Number – #4088