Senior Security Engineer - SOC - L2

Professionals at Ackcent Cybersecurity have a common goal : to improve the security of our customers, protect their assets from cyber threats and to provide a high-quality service through communication and care for our customers. In this position you will be part of our SOC Team in charge of security threat monitoring and incident handling, you will be helping to secure and defend our clients’ assets.

We are looking for professionals with experience in cybersecurity and with a wide and deep understanding about Networks, Security Architecture and Security Monitoring Tools.

As a key member of the Ackcent team, you will be in charge leading the handling of security threats and incidents, improving and maintaining tools and procedures and conducting forensics and malware analysis for further mitigation and threat containment. As a senior position you will be able to train and support other junior team members and will be involved alongside other Ackcent departments in different initiatives and decisions regarding internal and external Security Services.

Responsibilities

• Analysis and verification of security threat monitoring alerts to produce incident identification, classification and prioritization.
• Create, improve and maintain security monitoring alerts based on correlation of different sources of data.
• Operate and maintain various IDS / IPS working close with security / network architects to take security monitoring and defenses to the next level.
• Lead the response to security incidents and investigations working close with customers and IT providers, following SLA requirements.
• Conduct forensics / malware analysis to extract indicators of compromise for further mitigation and containment, evaluating incident scope and impact.
• Report to the SOC Manager and the customer involved CISO / CIO.
• Advice and train junior team members.
• Proactive monitoring on cyber threat landscape by performing research and study on latest security threats and vulnerabilities to ensure operational tools and processes are up to date.
• Ensuring contractual obligations are met and SLAs are met or exceeded.
• Manage priorities, deadlines and deliveries.
• Manage and create improvements and procedures regarding SOC Tools and Operations.

Required Skills & Experience

• Computer / Telecommunications Engineering degree or a related discipline.
• More than 3 years of relevant experience in the field of information security.
• Experience working in a Security Operations Centre (SOC) environment.
• Strong technical understanding of network fundamentals and common Internet protocols.
• Knowledge of system administration and security architecture.
• Knowledge of the main security monitoring tools (FW, IDS / IPS, HIDS, WAF, SIEM).
• Experience or proven knowledge of at least one IDS technology.
• Scripting in Bash, Python or PowerShell.
• Fluent in English (written and spoken).
• Self-motivated with the ability to work independently and as a team member in a challenging environment.

Nice to have

• Proficient in understanding Operating Systems and their architecture : Windows, Unix / Linux, and OSX Operating Systems.
• Windows server administration knowledge.
• Good understanding of Cyber security landscape : Cyber kill chain, TTP, Threat Intelligence ad malware distribution networks.
• Good understanding of information security concepts : defense in depth, BYOD management, data loss protection, risk assessment and security metrics.
• Three or more years working in a Security Operations Center (SOC) environment.
• Strong analytical and problem-solving skills.
• Strong communication, presentation, and leadership skills along with the ability to work in a highly collaborative environment.
• Exhibits initiative, follow-up and follow through with commitments.
• Manages multiple priorities in a high-pressure environment.
• Experience working with AWS or Azure infrastructure.
• Previous experience with malware reverse engineering.
• Related Certification (GCIH, GCFA, GCFE, GREM, CISSP) is a plus.

What we offer

• Medical insurance
• Birthday day off
• A dynamic work environment where innovation and collaboration are at the core

Industry IT Services and IT Consulting Employment Type Full-time