- 100% remote from anywhere in Ireland, UK or Europe!
- International IT Services & Security Consultancy
- Strong base salary (based on experience & location)
Our client is a global security consultancy and IT services business with a strong reputation in the market. Due to continued growth in their customer base, they are seeking an experienced L3 Security Operations Analyst to join their team on a permanent basis.
In the role you will be tasked with deploying, maintaining, tuning, monitoring, and managing security tools in the SOC. You will be an escalation point for L2 and L1 analysts during the incident escalation and response process, and play a key part in P1 issues. You will also be responsible for defining and building new SIEM use cases and for onboarding new log sources into the existing SIEM platform. You will also act as Technical Account Manager for some of their customers, presenting security reports that assess the customer's security posture.
Job Responsibilities:
- Act as a mentor and an escalation point for L1 and L2 SOC analysts
- Stay up to date with emerging security threats
- Participate in on-call rotation for after-hours security incident escalations
- Engage in weekly and monthly calls with the customers
- Create and review monthly customer reports
- Assist with the development of incident response plans, workflows, and Standard Operating Procedures
- Lead consulting engagements focused on the assessment, design, and implementation of enterprise-scale QRadar solutions
- Carry out quarterly audits of the SIEM infrastructure for all customers
- Lead incident investigation and response activity
- Identify and leverage emerging threat intelligence (IOCs, updated rules, etc.) to identify affected systems and the scope of an attack
- Perform Advanced Persistent Threat correlation between multiple security event sources such as firewall logs, threat intelligence feeds, AV, IDS, IPS, and EDR solutions
- Review vulnerability scans and build vulnerability assessment reports
Education and Experience:
- Strong problem-solving skills, critical thinking, excellent analytical ability, strong judgment and the ability to deliver high performance and high levels of customer satisfaction in a matrix managed environment
- Requires background in at least 3 of the following domains: ethical hacking, incident response, forensic analysis, security engineering, incident analysis and investigations
- At least 4 years' experience working in a Security Operations Centre with a Security Information and Event Management (SIEM) platform
- Experience with SIEM technology, preferably IBM QRadar
- Experience with a scripting/programming language (Python, Bash)
- Experience with vulnerability assessment tools, preferably Qualys
- Proven experience in incident analysis, detection and response
- Knowledge of security devices such as Firewall, IPS/IDS, Web proxy, NAC systems, DLP systems, PAM systems
- Good OS knowledge such as Windows and Linux
- Security certifications preferred, e.g. QRadar, OSCP, CISSP, CCNP/CCIE (Security), etc.
For this position you can work 100% remotely from almost anywhere, as long as you work within the Ireland/UK timezone.
Please click APPLY to be immediately considered!