Security Operations Center Analyst

We are looking for a skilled SOC Analyst to join our team!

A challenging role combining operational activity as part of the organizational CSIRT team (about 60%) with responsibility for continuous development, maintenance, and improvement of the organizational SIEM system (about 40%).

Responsibilities include cyber incident response, attack investigation, threat hunting combined with content development, writing monitoring rules and playbooks, and acting as a force multiplier for the ongoing maintenance of the organizational SIEM system.

Responsibilities:

• Responding to cyber incidents as part of the CSIRT team, including investigation, classification, prioritization, and lessons learned
• Conducting Threat Hunting and identifying vulnerabilities based on cyber intelligence, logs, and security tools
• Analyzing logs from operating systems, network equipment, applications, and security systems
• Working with various information security tools and systems
• Familiarity with cloud environments and security tools within these environments
• Developing and maintaining the SIEM system, both infrastructure and application levels (writing alerts, building dashboards, designing and writing playbooks)
• Continuous improvement of monitoring content, detection capabilities, and process automation using scripting (Python, PowerShell)
• Integration between SIEM and security systems, information sources, and additional security tools
• Supporting critical processes and ensuring compliance with information security and regulatory requirements

Requirements:

• Minimum 3 years of experience in SIEM / SOC / Information Security / Systems / Networking
• Proven experience in cyber incident investigation and response (Incident Response)
• Experience working with, developing, and maintaining SIEM systems
• Understanding of cybersecurity and defense mechanisms
• Deep knowledge of communication protocols and channels (TCP/UDP/SSH/HTTP/SMTP/WebSockets/API)
• Deep knowledge of Windows and *nix operating systems
• Experience with Active Directory / IDP / SP / Entra AD
• Familiarity with Threat Intelligence / OSINT tools
• Experience with Forensics and computer/network investigations
• Strong understanding of cyber terminology, attack types, and mitigation strategies
• Willingness to work on-call / around the clock when necessary

Significant Advantages:

• Experience in development / system administration
• Experience in Threat Hunting and advanced attack analysis
• Scripting skills (Python / PowerShell)
• Experience with Forensics tools (EnCase, FTK, Autopsy)
• Familiarity with DevOps / DevSecOps environments
• Experience in financial or regulatory organizations
• Professional certifications in cyber, system analysis, risk management
• Professional certifications in cloud technologies