SOC - Cyber Security Analyst Level 2
Summary:
Reporting to the SOC Team Leader, the technical responsibilities of the Level 2 Cyber Security Analyst can include advanced qualification of security events, in-depth investigations, incident handling, security research, as well as limited content development work. In order to continually support the client mandate, some non-technical responsibilities of the Level 2 Analyst role will be to provide input into existing processes and workflows as well as suggest future documentation needs. The Level 2 Analyst is also expected to provide mentoring and guidance to Level 1 analysts in support of team growth and development. The schedule of the Level 2 Analyst role encompasses working on an 8h shift-rotation schedule including mornings, afternoons, and weekend shifts.
Primary Responsibilities and Duties:
* Qualify SIEM incidents reported by Level 1.
* Investigate beyond the depth and technical expertise expected of Level 1.
* Perform incident response and report findings to customers.
* Handle incident escalations from Level 1.
* Qualify and escalate security incidents to our customers based on the incident severity.
* Perform security research to suggest SIEM use-cases and refine investigation methods.
* Suggest improvements to the current SIEM content.
* Communicate directly with customers during meetings or escalations.
* Define or update processes and other documentation.
Secondary Responsibilities and Duties:
* Guide and mentor Level 1 Cyber Security Analysts.
* Quality Control (detections / tickets).
* Assist with training of Level 1 analysts.
Qualifications and Skills:
* Fluency in French, both spoken and written, is required.
* Ideally, work experience in a Security Operations Center or another cyber security team.
* Intermediate knowledge of SIEM (ideally Splunk) and/or IPS-related technologies is a mandatory skill.
* Strong analytical & technical skills. Ability to develop hypotheses for security events using limited, ambiguous, or conflicting information.
* Ability to lead and communicate efficiently within a team environment.
* Good English skills (both written and verbal).
* Professional certifications such as CCNA, CEH, SANS GCIA or GCIH, eCTHP, eCDFP are a plus.
* Education: (Preferred) Bachelor of Science degree in Computer Science, Computer Engineering, Information Technology or equivalent.
* 1+ years working within the information security field, with emphasis on security operations, incident management, intrusion detection, and security event analysis.
* Knowledge of technical writing and documentation and the ability to map processes and procedures back to roles and responsibilities within the organization.
* Great customer service skills.
Our Benefits:
Educational courses, training, Meal tickets / catering allowance, Holidays 5 weeks, Sick days, Occasional work from home, Contribution to sport / culture / leisure, Contributions to the pension / life insurance