Let’s build the future together!
This is a Porto-based hybrid opportunity – 3x from home per week
As a SOC Analyst, you will be working for our client – a leader in the financial industry, exemplifying innovation, agility, and unwavering commitment to its clients. You will be responsible for monitoring and analyzing the organization’s networks and systems on a daily basis to detect, identify, investigate, and mitigate potential threats.
Your main responsibilities:
- Lead detection, categorization, and investigation of security incidents. Ensure effective incident response plans and oversee remediation efforts
- Handle critical vulnerabilities by categorizing, managing, and ensuring follow-up actions
- Design and implement detection scenarios while promptly addressing associated alerts
- Contribute to refining correlation rules, conducting investigations, and enhancing Threat Intelligence capabilities
- Manage service requests using ticketing tools and analyze incidents to identify root causes and impacts
- Facilitate in-house knowledge transfer and documentation, and consistently develop expertise in digital investigation techniques and tools
You’re ideal for the role if you have:
- 3+ years of experience in the same area
- Comprehensive understanding of the MITRE ATT&CK framework, adept at linking techniques and tactics to relevant countermeasures
- Proficient in utilizing information monitoring and analysis tools and methodologies
- Sound knowledge of security standards applicable to diverse technologies, including web servers, messaging systems, databases, DNS, proxy, and firewalls
- Specialized expertise in one or more of the following areas:
  - Identifying and addressing web application vulnerabilities
  - Recognizing and handling various malware types (rootkits, ransomware, botnets, etc.)
  - Familiarity with obfuscation and persistence techniques (cryptography, packing, etc.)
  - Proficiency in digital investigation and analysis tools
  - Skill in analyzing behaviors within sandbox environments
- Strong grasp of network and system architectures
- Familiarity with intrusion detection probes, event log correlation tools, and Security Information and Event Management (SIEM) principles
- Extensive experience with Splunk and Regex search syntax
- Proficient experience with the theHive platform
- English: B2
- French: B1
#GETREADY to meet with us!
We would like to meet you. If you are interested, please apply and attach your CV in English or Portuguese, including a statement that you agree to our processing and storing of your personal data. You can also apply by sending us an email at firstname.lastname@example.org
Internal Number – #4088