SOC Analyst II

As member of Cyber Intelligence & Security Operations Center (CISOC) team, he/she willfocus on security monitoring. The ideal candidate will have hands-on experience on improving monitoring and detection capabilities by leveraging SIEM/XDR technologiesand working with various teams to remediate identified risks.Key responsibilities:

• Implement new security use cases on the SIEM/XDR.
• Use case fine-tuning to decrease the ratio of false positives.
• Support the implementation and maintenance of simulated threats to automatically test and enhance use cases.
• Evolve current technologies according to defined roadmap.
• Collaboration on the improvement of the security detection capabilities with Security Detection and Incident Response team
• Act as point of contact for managing & delivering various reports & dashboards.
• Understand the company framework and follow defined processes. Ensure compliant documentation requirements and guarantee its production as required according to the SOPs and working instructions.
• Work with various risk & information security teams in presenting security monitoring status & updates to technology subject matter experts & management.

The ideal candidate will have a strong knowledge about:

• At least 3 years experience working with SIEM
• Proven experience in development of security use case for SIEM/XDR technologies such asSplunk Enterprise Security, Microsoft Sentinelor Microsoft Defender. Certification is a plus.
• Desired experience in BAS (breach & attack simulation) threat creation.
• Proven experience in reporting/ticketing platforms like ServiceNow.
• Knowledge of common security weaknesses including remediation processes, prioritization, change management, analysis, & triage.

• Excellent spoken and written English.
• Programming experience in scripting languages (Python, PowerShell, Ansible, Bash)
• Experience working in a virtual, international and multicultural environment.
• Analytical thinking, good communication, problem solving, results oriented, agility and teamwork skills.

Security certifications like Security+ CE, GCIH, ECIH, OSCP, CEH are desired but not mandatory.