Level 2 / Level 3 SOC Analyst – QRadar – Python – Linux
We are working with one of Ireland's top managed service providers specialising in cyber security. After recent acquisitions and growth, they have new requirements for Senior SOC Analysts to join their team.
As the Level 3 SOC Analyst you will assist in deploying, maintaining, tuning, monitoring and managing security tools, and you will act as a mentor to other members of the team. You will review alerts from Level 2 analysts, network security devices, the security information and event management (SIEM) platform and other tools as needed, work with other analysts to collect, correlate and analyse security-relevant data, and respond to threats in a timely manner.
- Drive Consulting engagements with clients, designing & implementing QRadar Solutions
- Build, operate, develop and maintain a SIEM infrastructure.
- Provide architecture-level design to support and operate Security Information and Event Management (SIEM) or Security Event Management (SEM) best practices
- Design SIEM to meet growth while maintaining the balance between performance, stability, and agility.
- Manage customer expectations and onboard data into the SIEM; support projects in multi-site or clustered SIEM installations
- Conduct research in areas driven by customer use cases, architect and support systems used to configure and deploy enterprise SIEM log management solutions and develop automation for security tools management.
- Assist with the automation, deployment, integration, and testing of enterprise systems and services and create and optimize Big Data correlations
- Carry out quarterly audits of the SIEM infrastructure for all customers
- Act as project lead and ensure all SIEM projects are delivered in line with customer expectations and best practices
- Provide input to technical estimates created with standard tools, portfolio Work Breakdown Structures, statements of work and industry-standard estimating techniques.
- Provide mentoring to other members of the Security Operations Centre team
- 4+ years of experience working in a Security Operations Centre with a Security Information and Event Management (SIEM) platform to correlate events across several devices.
- Experience with SIEM technology, preferably IBM QRadar
- Scripting knowledge and experience with Python
- Experience working in Linux environments
- Knowledge of devices such as firewalls, IPS/IDS, routers and switches
- Strong understanding of network security devices such as Intrusion Detection Systems (IDS) / Intrusion Prevention Systems (IPS), firewalls, network packet capture tools, and file integrity monitoring tools.
- Proficient knowledge in incident prevention, detection and response tools
- Security certifications (CISSP, GIAC certs) preferred
- ITIL V3 certified
Please note I will only be accepting applications from candidates with full working rights in Ireland. Citizens and residents of Europe and Stamp 4 visa holders accepted. If you would like to have a private and confidential discussion, please feel free to call Jon Browne on +353 1 485 4967.