Beschreibung
Security Operations Centre Level 2 Analyst
Our client is a leading consultancy providing Cyber Security Services to a number of global clients.
They require a Level 2 Security Operations Centre Specialist - so you will be responsible for the security monitoring & log analysis of multi-vendor security solutions.
You will also be responsible for responding to security incidents (malware infections, unauthorised access, malicious emails, DDoS attacks, etc, together with evaluating the type, nature and severity of security events (security assurance/security compliance) through the use of a range of security event analysis tools. You will need to understand common security vulnerabilities and mitigation techniques.
You will also enhance and tune SIEM and NIDS rules to identify, react to security alerts whilst reducing false positives and review threat intelligence and indicators of compromise - being the escalation point for Level 1 analysts.
Perform operational 'eyes on glass' Real Time monitoring and analysis of security events from multiple sources including but not limited to events from SEIM monitoring tools, network and host based intrusion detection systems, Firewall logs, system logs (Unix & Windows) - Perform advanced diagnosis and remediation planning in response to security events & incidents - Analyse security event logs and alerts to determine validity, priority and impact against both security threat best practice counter measure and client compliance obligations.
Security Industry certification such as GCIA, GCIH, GCFA, or GREM would be highly beneficial.
Operating out of a Security Operations Centre (SOC) in Zurich, Switzerland, you will work in a team Analysts - this team will use state of the art SIEM, IDS/, NAC toolsets to perform log analysis and monitoring activity along with other security solutions to aid investigations of cyber incidents. Importantly you will engage in appropriate incident response and corrective action as required or as set out in associated Service Level Agreements.
You will have at least 3 years of IT Security/Information Security experience, Malware Analysis, developing SIEM and NIDS rules, will have an advanced understanding of Unix/Linux, TCP/IP, Perl Scripting, and knowledge of incident/problem management frameworks - such as NIST or ITIL.
This role is based in Zurich Switzerland - on a day rate contract - you'll be initially contracted for 12 months - but it is likely to be extended for a few years.
We have advertised the role at £ per day (so in Swiss Francs, this would be CHF per day)
Do call or email me to discuss.