Security Operations Analyst (SIEM)
Security Operations Analyst (SIEM) (34335AM)
Location: Aeropuerto De Manises (Valencia), Spain
Sector: IT
Salary: 200.00 EU to 250.00 EU per day
Security Operations Analyst (SIEM) - 6-Month Contract - Spain/fully remote
Long running contract opportunity for a Security Operations Analyst to work on a fully remote basis, or hybrid/onsite at the client's offices in Valencia, Spain. You'll join an existing security operations team and help manage, identify, and resolve security-related incidents with the main client and its end customers. One of your main responsibilities will be the administration and engineering of SIEM platforms.
Single stage Teams interviews will take place at the end of June with onboarding in July or early August. It will be an initial 6-month contract that will extend multiple times, probably running for four years or more.
Your Security Operations Analyst duties:
- Build, adjust, and implement analytics and detection rules for SIEM, EDR, and AV
- Contribute to the preparation of KPIs for cybersecurity operations capabilities
- Monitor and investigate alerts leveraging Microsoft Security Tools (e.g. M365, Cloud App Security, Azure, Defender for EndPoint, Azure Security, Azure Sentinel, and XDR)
- Monitor and triage AWS security events and detections
- Monitor and investigate alerts leveraging EDR solutions
- Work with alerts from the CSOC Analysts, to perform in-depth analysis and triage of network security threat activity based on computer and media events, malicious code analysis, and protocol analysis;
- Review trouble tickets generated by CSOC Analyst(s)
- Provide other ad hoc support as required
You will have:
- Knowledge of Transmission Control Protocol / Internet Protocol (TCP/IP) protocols
- Experience with Microsoft Security Tools (e.g. M365, Cloud App Security, Azure, Defender for Endpoints, Azure Security, Azure Sentinel, and XDR
- Knowledge of Cloud technologies (e.g. Azure, AWS, and GCP)
- Experience with SIEM tools like Splunk, QRadar, ArcSight, MS Sentinel, ELK Stack
- Knowledge of at least one EDR solution (MS Defender for Endpoint, Sentinelone, Crowdstrike)
- Experience in reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs)
- Proven experience in administering a SIEM platform, preferably either Splunk or Microsoft Sentinel SIEM
- Fluent English.
This is a live requirement. The client is an international organization that will look great on your CV. It offers a collaborative and enjoyable work environment, with a team of international technical professionals. If you have SOC/SOA experience and want a new opportunity, get in touch today. #LI-AM1
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
mejor más rápidamente
