SOC (Security Operations Center) L1/L2 Analyst

Salary: 45,000 - 50,000 CZK per month
Number of positions: 4
Location: Praha 4
Phone: +421917938778

Who we are looking for and what you will do

At L1 level you will provide:

  • Continuous processing of alarms from the SOAR queue, prioritized by the severity of each alarm

  • Initial analysis (triage of the alarms)

  • Identification of obvious false positives and, where applicable, assignment of the alarm to an already existing alarm or incident

  • Processing of the alarms according to the customized playbooks

  • A result for each processed alarm: identification as a false positive, or opening a security incident and assigning it in the customer's ticketing system, or forwarding the alarm to L2 for further analysis

  • Feedback to SIEM Content Engineering, where necessary, for continuous improvement of the detection scenario

  • Delivery of reports and KPIs

  • Responses to audit and regulator requests for information

At L2 level you will actively ensure:

  • Extended analysis (following the customized runbooks)

  • Addition of context-related information

  • Additional searches to classify the alarm

  • Requests for security information from the customer

  • A result for each processed alarm: identification as a false positive, or opening a security incident and assigning it in the customer's ticketing system, or passing the incident to L3 level for further analysis if necessary

  • Feedback to SIEM Content Engineering for continuous improvement of the detection scenario
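The L1 loop described above (severity-ordered queue, de-duplication against open incidents, playbook-driven decision, escalation to L2 when the playbook cannot decide, and feedback on false positives for content engineering) can be written as a small triage engine. The following is an added example, not the posting's or the employer's tooling: the rule names, the two playbooks, the allowlists and the alarm data are all constructed assumptions.

```python
"""Minimal L1 triage engine over a SOAR-style alarm queue (added example,
constructed data; rule names, playbook logic and allowlists are assumptions)."""
from dataclasses import dataclass, field
from enum import Enum
import heapq
import itertools

SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3}

# Assumed reference data an L1 playbook would consult.
AUTHORIZED_SCANNERS = {"10.0.5.20"}  # e.g. the internal vulnerability scanner
KNOWN_BENIGN_HASHES = {"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"}


class Outcome(Enum):
    FALSE_POSITIVE = "false_positive"
    ATTACHED_TO_EXISTING = "attached_to_existing"
    INCIDENT_OPENED = "incident_opened"
    ESCALATED_TO_L2 = "escalated_to_l2"


@dataclass
class Alarm:
    alarm_id: str
    rule: str
    severity: str
    host: str
    detail: dict = field(default_factory=dict)


@dataclass
class TriageResult:
    alarm_id: str
    outcome: Outcome
    reference: str  # ticket id, existing incident id, or the reason


# Hypothetical L1 playbooks: return (outcome, reason), or None when the alarm
# needs context L1 does not have, which means escalation to L2.
def playbook_brute_force(alarm):
    if alarm.detail.get("src_ip") in AUTHORIZED_SCANNERS:
        return Outcome.FALSE_POSITIVE, "source is an authorized scanner"
    if alarm.detail.get("success_after_failures"):
        return Outcome.INCIDENT_OPENED, "successful login after failed attempts"
    return None  # failures only: L2 must check account and source context


def playbook_malware(alarm):
    if alarm.detail.get("sha256") in KNOWN_BENIGN_HASHES:
        return Outcome.FALSE_POSITIVE, "hash on benign allowlist"
    if alarm.detail.get("executed"):
        return Outcome.INCIDENT_OPENED, "malicious file executed on host"
    return None  # file seen but not executed: L2 decides


PLAYBOOKS = {"Brute force login": playbook_brute_force, "Malware detected": playbook_malware}


class L1Queue:
    def __init__(self):
        self._heap = []                     # (severity rank, arrival seq, alarm)
        self._seq = itertools.count()
        self._ticket_seq = itertools.count(1)
        self.open_incidents = {}            # (rule, host) -> ticket id
        self.fp_feedback = []               # (rule, reason) for content engineering

    def push(self, alarm):
        rank = SEVERITY_RANK.get(alarm.severity, len(SEVERITY_RANK))
        heapq.heappush(self._heap, (rank, next(self._seq), alarm))

    def triage_one(self, alarm):
        key = (alarm.rule, alarm.host)
        if key in self.open_incidents:      # same rule on same host: attach, do not re-open
            return TriageResult(alarm.alarm_id, Outcome.ATTACHED_TO_EXISTING, self.open_incidents[key])
        playbook = PLAYBOOKS.get(alarm.rule)
        decision = playbook(alarm) if playbook else None
        if decision is None:                # no playbook, or playbook undecided
            return TriageResult(alarm.alarm_id, Outcome.ESCALATED_TO_L2, "no L1 playbook decision")
        outcome, reason = decision
        if outcome is Outcome.INCIDENT_OPENED:
            ticket = f"INC-{next(self._ticket_seq):04d}"
            self.open_incidents[key] = ticket
            return TriageResult(alarm.alarm_id, outcome, ticket)
        self.fp_feedback.append((alarm.rule, reason))
        return TriageResult(alarm.alarm_id, outcome, reason)

    def drain(self):
        """Process the whole queue, most severe first; FIFO within a severity."""
        results = []
        while self._heap:
            _, _, alarm = heapq.heappop(self._heap)
            results.append(self.triage_one(alarm))
        return results


def demo():
    """Constructed alarms pushed in arrival order; the queue re-orders them by severity."""
    q = L1Queue()
    q.push(Alarm("A-1", "Brute force login", "low", "vpn-gw-01", {"src_ip": "10.0.5.20"}))
    q.push(Alarm("A-2", "Malware detected", "critical", "ws-0042", {"sha256": "deadbeef", "executed": True}))
    q.push(Alarm("A-3", "Brute force login", "high", "vpn-gw-02",
                 {"src_ip": "203.0.113.7", "success_after_failures": True}))
    q.push(Alarm("A-4", "Malware detected", "medium", "ws-0042", {"sha256": "cafebabe"}))
    q.push(Alarm("A-5", "DNS tunnelling suspected", "medium", "ws-0100"))
    q.push(Alarm("A-6", "Brute force login", "medium", "vpn-gw-03", {"src_ip": "198.51.100.9"}))
    return q, q.drain()


if __name__ == "__main__":
    _, results = demo()
    for r in results:
        print(r.alarm_id, r.outcome.value, r.reference)
```

The de-duplication key (rule, host) is deliberately coarse; a real playbook would key on whatever the SOAR already correlates on, and the false-positive reasons collected in `fp_feedback` are exactly what goes back to SIEM Content Engineering to tune the rule.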

What we offer

  • International environment

  • Competitive salary

  • FTE/freelancer

Requirements

  • You stand out through your communication skills and your ability to work analytically and independently.

  • You have gained experience in a similar position.

  • You have good English.

  • You have acquired a technical education specialising in information technology or communications engineering.

  • Hands-on experience with the following technology set is appreciated:

      • Ticketing tools (preferably OTRS)

      • Micro Focus ArcSight SIEM and Logger

      • Cisco / Sourcefire

      • Check Point firewalls

      • Threat intelligence

      • SentinelOne endpoint security

      • Guardium DBAM (database activity monitoring)

      • Rapid7 vulnerability scanner

      • Linux and Windows

About the company

T&T Consulting is a consulting company headquartered in Paris with branches in Central Europe and North Africa. It is made up of highly qualified specialists who provide their expertise and solutions to key global and regional players in the field of innovative technologies. We are an established company that has been delivering its services since 1999 to major players in telecoms, IT, transport, banking and the automotive industry. The company employs or collaborates with hundreds of specialists in the telecommunications and IT fields. Our consultants are involved in major national and multinational projects.