Security Operations Analyst (24x7 coverage)

Detalles del empleo

Full Time | Valencia, Spain or remotely within CET

If you like this offer, please send your CV mentioning the job title to: [email protected]

Location: Valencia, Spain or remotely within CET.

Teleworking option: Yes

The resource MUST have the following skills and experience:

Knowledge of Transmission Control Protocol / Internet Protocol (TCP/IP) protocols
Deep knowledge of Microsoft Security Tools (e.g. M365, Cloud App Security, Azure, Defender for Endpoints, Azure Security, Azure Sentinel and XDR)
Deep Knowledge of Cloud technologies (e.g. Azure, AWS and GCP)
Deep knowledge of SIEM tools like Splunk, QRadar, ArcSight, MS Sentinel, ELK Stack
Knowledge of at least one EDR solution (MS Defender for Endpoint, SentinelOne, CrowdStrike)
Knowledge of email security, network monitoring, and incident response
Knowledge of Linux/Mac/Windows
A minimum of five (5) years of relevant experience in information technology field, including triage of alerts and supporting security incidents
Proven experience with the usual toolbox available in a SOC (e.g., SIEMs, EDRs), able to autonomously perform technical analysis of security threats and collaborate with Incident Response team
Trouble ticket generation and processing experience
Extensive Windows, Linux, Database, Application, Web server, etc. log analysis
Expert knowledge of English, both written and spoken, is required

The resource SHOULD have the following skills and experience:

Experience on an Incident Response team performing Tier I/II initial incident triage.
Proven knowledge of monitoring AWS environment (Iaas, Saas, Paas)
Knowledge of at least one general-purpose or shell scripting language (e.g. Ruby, Bash, PowerShell, Python, etc.)

Soft skills:

Desirable certifications:

Technical certifications: MCSE, CCNA, Microsoft Azure (e.g., SC-200), GCIH, CEH, GCFA or any GIAC/similar certification

Teleworking Option:

On-call requirements: