Security Operation Center (SOC) Analyst

Vector Synergy
The Hague, Netherlands
3 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Junior

Job location

The Hague, Netherlands

Tech stack

Microsoft Windows
Computer Security
Identity and Access Management
Issue Tracking Systems
Intrusion Detection Systems
Network Security
Network Intrusion Detection Systems
ArcSight SIEM Tool
Security Information and Event Management
Snort (Software)
Malware
Firewalls (Computer Science)
Operational Systems
Splunk

Job description

  • Acting as the 1st line of response regarding a potential occurrence of a cyber-attack or security incident, supported by several automated tools such as IDS, log correlation engines and SIEM, ticketing system, and alerts and warning from internal and external sources;
  • Receiving, triaging, and responding to alerts, requests, and reports;
  • Analysing events and potential incidents;
  • Providing the primary support for Incident Responders;
  • Assessing whether a security incident or the level of exposure of a vulnerability is a true or false positive, tagging the vulnerability or incident with an initial severity classification, and activating the corresponding incident response playbook entry;
  • Following pre-defined procedures to perform technical tasks related to identity and access management (IAM).

Requirements

  • Experience in Windows;
  • Experience as a Security Operations Centre Analyst;
  • Minimum 1 year of experience in using, configuring, and tuning a security information and event management (SIEM) tool, ideally Splunk and/or ArcSight;
  • Experience with a log management solution such as HP ArcSight Logger and/or Splunk or equivalent;
  • Experience in writing and optimizing IDS signatures (preferably Snort and/or Suricata);
  • Knowledge on:
      • Network security solutions and technologies such as:
          • Firewalls;
          • Network intrusion detection systems (IDS);
          • Intrusion prevention systems (IPS);
      • Host-based security solutions:
          • Host-based intrusion prevention systems (HIPS);
          • Malware end-point protection;
      • Operating system logs;
  • Good knowledge on:
      • MS Windows security events analysis;
      • Security analysis of firewall, proxy, and IDS logs;
  • Excellent analytical and critical thinking skills;
  • Very good interpersonal skills with the ability to work well both independently and in a team;
  • High degree of commitment and flexibility;
  • High level of customer and service orientation;
  • Ability to work effectively in an international and multi-cultural environment;
  • Readiness to work in a 24/7 shift mode;
  • Very good communication skills in English, verbally and in writing.