Senior SOC Analyst

Purpose

As a Senior Security Operation Center (SOC) Analyst, you will be an expert in incident detection and response, perform in-depth investigations on complex security cases, handle security incidents and crisis.

You will be a strong contributor to building and operating the SOC architecture and internal tooling, as well as detection and response solutions like EDR.

Your role comprises various activities for enhancing the company security posture, and the overall SOC service maturity and performance : detection strategy and implementation, internal processes, incident response automation, threat intelligence integration, security advisories.

Your role also involves managing a third-party MSSP SOC, managing knowledge, mentoring inside and outside the team and foster a collaborative and skilled team environment.

Key Missions

Incident Detection and Response: 
    • Support of the cyber incident response team as expert to perform deep-dive analysis of complex security cases, direct handler of the most complex investigation and response actions
    • Ensure a quick adaptation of the detection capabilities based on cyber threat actor TTPs
    • Ensure, in coordination with the MSSP SOC, the build and maintenance of the detection strategy : risks covered, solutions and security events used for detection, MITRE Attack coverage.
    • Perform recurrent threat hunting for malicious activity, purple teaming exercises for detection enhancement

SOC tooling and security solutions : 
    • Be responsible for projects including design, build, and run of the SOC tooling : SIEM, EDR, cyber case management, Threat Intel, automation platforms, integration with internal and external tools and feeds.
    • Perform evaluations and optimizes SOC tools and technologies.
    • Contribute to detection and remediation policies on security solutions, advise on prevention policies.

Process : 
    • Continuously reviews and improve SOC processes and procedures to enhance efficiency and effectiveness. 
    • Document incident response activities and lessons learned to foster continuous improvement.
    • Define and implement incident response playbooks to improve the speed and consistency of response.

Knowledge Management : 
    • Contribute to create and maintain operational documentation and procedures.
    • Act as a referent, providing guidance and training to develop skills inside the Cyber Defense team and operational teams who will support cyber investigation
    • Foster a culture of knowledge sharing and collaboration within the team.

Profile :
Bachelor's degree in Computer Science, Information Security, or a related field. 
Professional certification like CISSP, SANS FOR 508, GIAC, EC-Council, CompTIA.

Minimum of 3 years of experience in a SOC or cybersecurity analysis role, with a proven track record of managing complex incidents.
Proficiency in security technologies and tools, including SIEM/XDR, IDS/IPS, EPP, EDR, and CTI.
Strong knowledge on networking protocols and services, operating systems and associated services -  Windows, Linux - overall enterprise IT.
Ideally capable of coding – scripting, python.

Strong analytical skills and experience with forensic analysis tools and techniques.