ebury

Senior Security Analyst

At a Glance

Location: São Paulo
Work Regime: hybrid
Experience: 2–5 years
Posted: 2026-03-09T16:22:08-04:00

Key Requirements

Required Skills

AWS, GCP

Certifications

  • ISO

Domain Knowledge

  • Finance

Benefits & Perks

Health Insurance

ioritized. Generous Benefits Package: Access competitive benefits tailored t

Requirements

2-5 years of experience as a security operations analyst;

Knowledge of the following areas: Security Incident Management and Response; Log Monitoring / SIEM; Cloud perimeter security (AWS and GCP); Desktop and physical network protection; Digital forensics (e.g. email header analysis, log analysis and correlation, fundamental endpoint forensics and Sysinternals); IDS / IPS; Authentication management; Vulnerability Management;

Proficiency in incident management (CSIRT) and forensic analysis;

Familiarity with financial industry security standards (e.g., PCI DSS, ISO 27001);

Good understanding of business and technical information security concepts based on the ISO 27001 standard;

Knowledge of data protection principles and implementation;

Responsibilities

1. Security Incident Management and Response:

Observing Security Events: This role involves consistently monitoring security event logs and alerts from multiple sources, including SIEM, endpoint protection system (EDR), intrusion detection and prevention systems (IDS/IPS), DLP alerts, and threat intelligence feeds;

Event Triage and Prioritization: Evaluation of security events' severity, criticality, and potential impact for further escalation;

Advanced Incident Investigation and Handling: Conduct deep-dive analysis of complex security incidents, identifying their root cause, scope, and impact and devising appropriate mitigation or remediation strategies;

Incident Response Management: Coordinate and spearhead incident response initiatives, collaborating with different teams within the organization, such as Engineering, ServiceDesk, DataPrivacy, InfoSec, HR and the Legal team, to devise and execute comprehensive incident response plans and remediation strategies;

Pursuit of Continuous Improvement: Consistently participating in assessing and enhancing SOC processes and playbooks, spotting opportunities for improvement, sharing insights, and incorporating lessons from incidents, contributing to the evolution of the SOC's operational effectiveness;