Security Operations Center Analyst
Bucharest, Romania
6 days ago

Preferred Qualifications

Sr. SOC Analyst

We are seeking a Sr. SOC Analyst to join the Oracle+NetSuite Security team responsible for securing systems, infrastructure, services and data.

The Security Operations Center Analyst will use data collected from a variety of information security tools and sources (including intrusion detection system alerts, firewall and network traffic logs, and host system logs) to analyze events that occur within the enterprise, perform threat analysis, and handle response activities related to potential security incidents.

The candidate must be able to routinely evaluate priorities based on the dynamic nature of the environment. The role requires close collaboration with peers across multiple geographic regions to discuss issues, solutions, and investigations.

Partnership with multiple internal security, operations, and business teams is paramount for success and overall improvement of security operations.

Mentoring is highly encouraged to develop professional relationships and grow colleagues.

Responsibilities Include:

  • Respond to potential security incidents, draft comprehensive incident reports, document and execute lessons learned
  • Identify security events requiring immediate escalation and response
  • Document and communicate analysis of research and findings to peers and leadership
  • Monitor and analyze security events, network traffic, and security alerts across the enterprise
  • Perform advanced analysis of security events and alerts
  • Correlate events from multiple sources during investigations
  • Assist with ongoing development and improvement of processes, detection capabilities, and response procedures to improve overall SOC functions
  • Conduct investigations of potential intrusion attempts to determine remediation actions and escalation paths
  • Facilitate meetings to collaborate with internal teams to identify, resolve, and mitigate attacks and exploits
  • Perform incident response and handling following documented procedures
  • Track investigation activities during an incident, including identifying next steps, spanning across multiple shifts
  • Monitor external data sources to maintain awareness of threat condition and determine which security issues may have an impact on the enterprise
  • Lead a team of junior analysts
Required Skills and Experience:

  • Knowledge of security controls including network security technologies (IDS, IPS, firewall, WAF, and RASP), OS hardening, file integrity monitoring, authentication
  • Strong understanding of system and network security threats and vulnerabilities
  • Hands-on experience with TCP/IP and data packet capture analysis, networking fundamentals, common network services, network vulnerabilities and network attack patterns
  • Experience in security event monitoring and triage, incident response, and/or system/network auditing
  • Hands-on experience using SIEM for data analysis and EDR tools for response purposes
  • Familiarity with network and endpoint security applications and tools including network scanning tools, NIDS/HIDS, firewalls and web proxies
  • Self-motivated, with excellent analytical, problem-solving and critical-thinking skills
  • Exercise sound judgement calls for investigative purposes, including making the determination to close a case
  • Ability to proactively and clearly communicate with other technical and non-technical teams during investigations and lessons learned, and to learn about the environment
  • Experience writing detailed incident reports and updates on a regular basis
  • 2+ years leading a team of analysts
  • 5+ years as a SOC Analyst
  • 10+ years in Information Technology, preferably as a security engineer, system administrator, or network engineer
  • Bachelor’s degree in Computer Science, Computer Engineering, MIS, or related field
  • Effective time management skills, completing assignments or delivering updates within required deadlines
Preferred Skills and Experience:

  • Experience with Linux system administration, scripting, log parsing, vulnerability assessments/penetration testing, or vulnerability management
  • Scripting, programming knowledge and experience
  • Familiarity with industry-recognized frameworks including but not limited to MITRE ATT&CK, ADS, NIST 800, and CIS
  • Recognized industry certifications and/or continuing education programs are a major plus, including GCIH, GCIA, CISSP, GCFA, GMON, GREM, GNFA
  • Advanced understanding of Unix & Windows functionality, access control, event logs and monitoring; application and network security
  • Working knowledge of forensics, incident response and threat hunting methodologies for a cloud service provider
Detailed Description and Job Requirements

Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs.

Researches attempted efforts to compromise security protocols. Maintains security systems for routers and switches. Administers security policies to control access to systems.

Maintains the company’s firewall. Uses applicable encryption methods. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information.

Leading contributor individually and as a team member, providing direction and mentoring to others. Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization.

Prefer 8 years relevant experience and BA/BS degree.

As part of Oracle's employment process candidates will be required to successfully complete a pre-employment screening process.

This will involve identity and employment verification, professional references, education verification and professional qualifications and memberships (if applicable).
