Security Operation Center Analyst Praha

Kontakt: Rysková Martina Ing., e-mail: marys@itm8.com

SOC Analytik bude zodpovědný za monitorování a reakci na bezpečnostní incidenty pomocí různých bezpečnostních nástrojů, jako je SIEM (Security Information and Event Management), AV (Antivirus), Endpoint Detection and Response (EDR), VM (Vulnerability Management), TI (Threat Intelligence) a SOAR (Security Orchestration and Automatic Response), tak aby interní a zákaznická IT infrastruktura zůstala bezpečná.Role zahrnuje detekci, analýzu a reakci na incidenty a také nepřetržité monitorování hrozeb.Jako analytik SOC budete muset pracovat ve směnném režimu 24/7, včetně nocí, víkendů a svátků.
The content of this job is to:

" The SOC Analyst will be responsible for monitoring and responding to security incidents using various security tools such as SIEM (Security Information and Event Management), AV (Antivirus), Endpoint Detection and Response (EDR), VM (Vulnerability Management), TI (Threat Intelligence) and SOAR (Security Orchestration and Automatic Response).
" Be ensuring that internal and customer's IT infrastructure remains secure.
" The role involves incident detection, analysis, and response, as well as continuous monitoring for threats.
" As a SOC Analyst, you will be required to work in a 24/7 shift rotation, including nights, weekends, and holidays.

The responsibilities of this job are to:

" Security Monitoring:
o Continuously monitor security alerts and events using tools defined in Section 2 in this document to detect potential security threats.
o Analyze and prioritize alerts based on the severity and impact of the potential threat.
" Incident Detection and Response:
o Investigate security incidents, identify the root cause, and take appropriate actions based on established procedures.
o Escalate incidents to higher-level analysts or other teams when necessary.
" Incident Management:
o Document and track security incidents within the ITSM system, ensuring accurate and timely recording of all relevant information.
o Collaborate with team members to ensure incidents are resolved in a timely manner.
" Threat Analysis:
o Conduct basic threat analysis to understand the nature of identified threats and potential risks to the organization.
o Utilize available threat intelligence to enhance detection capabilities.
" Security Tools Operation:
o Operate and maintain security monitoring tools defined in Section 2 in this document, ensuring they function optimally.
o Provide input on tool configurations to enhance detection and response capabilities.
" Communication and Reporting:
o Communicate findings and incident details to team members and other stakeholders as needed.
o Generate regular reports on security incidents and monitoring activities.
" Continuous Learning:
o Participate in ongoing training to stay up-to-date with the latest cybersecurity threats, trends, and tools.
o Engage in knowledge sharing within the team to improve collective expertise.

The minimum required skills (education and experience) are:

" You are service minded and a team-player
" You are structured, detail-oriented and put an honor in the quality of your work
" You can communicate your professional knowledge to end-users as well as experts
" You are self-driven and solution-oriented
" You have strong analytical and critical thinking skills to quickly assess and respond to security incidents
" You have worked a minimum of 0-2 years of experience in IT, networking, or a related field, academic projects, or lab work are also relevant
" You have a good understanding in DNS, TCP/IP networks and protocols
" You have a basic understanding in Antivirus, IDS/IPS, SIEM, SOAR and Vulnerability Management tools
" Knowledge of cloud platforms (Azure, AWS)
" You are keen to learn, taking part in trainings and certifications
" You are fluent in English - both spoken and written
" You are willing to work in 24/7 rotation