SICPA seeks a Cyber SOC Specialist tasked with operational and engineering duties within a cutting-edge cybersecurity environment. The role involves monitoring for security breaches, investigating incidents, and deploying advanced security technologies. Candidates should have at least 5 years of relevant experience and a degree in Cybersecurity, alongside strong knowledge of security tools and systems.
Role
The SOC at SICPA is built of the most advanced and recent cyber technologies. Without levels distinction (Tier-1/2/3), the Cyber SOC Specialist has an exclusive role and will perform both Operations duties and Engineering activities.
Operational activities:
• Monitor the firm’s environment for abnormal behaviour and potential security breaches by triaging security alerts.
• Perform thorough investigations of security alerts generated by our cyber detection tools.
• Launch response measures to security incidents within the SICPA network, infrastructure, identity management and applications.
• Work closely with the Threat Intel team during investigation and threat assessment.
• Utilize industry-standard network and host forensic tools in order to fully understand the scope of an incident.
• Work the full ticket lifecycle; handle every step of the alert, from detection to remediation.
• Perform threat hunting by searching our existing infrastructure for signs of malware and malicious events not detected by our existing security controls.
• Document and present activities and progress.
• Perform standby duties.
Engineering activities:
• Be deeply involved in the evaluation and implementation of new cybersecurity technologies.
• Deploy and improve industry-leading technology tools and solutions to enhance SICPA's security posture, keeping them up to date and using their full potential.
• Provide technical expertise regarding the protection of company information, systems, networks and applications, and assist with the implementation of counter-measures or mitigating controls.
• Build new detection rules and tune existing rules to have the most accurate monitoring system and avoid triage fatigue caused by false-positive events.
• Develop a strong working relationship with key business and technical partners to ensure cross-organization co-operation and business support.
• Help to develop, implement and maintain SOC policies, processes and procedures.
• Be proficient in orchestration, automation and deployment tasks, including coding and related activities.
PROFILE
• Experience in a similar environment (SOC, CERT, CSIRT) including monitoring, deception mechanisms, hunting and incident response, including investigation and forensics (minimum 5 years).
• Bachelor's degree in cyber security or equivalent.
• Practical experience with security technologies such as firewalls, IDS/IPS, SIEM, anti-malware, web filtering, vulnerability scanning and endpoint detection and response tools.
• Hands-on experience in investigating and responding to common types of cyber attacks.
• Strong understanding of enterprise IT, including networking infrastructure, operating systems, cloud and SaaS services, systems administration, data centers and software applications.
• Good communication skills to effectively summarize and present findings to stakeholders and management.
• Very good knowledge of English, both written and spoken; other languages are an asset. Ability to maintain a positive and reliable work attitude when confronted with high-pressure business situations.