SOC Analyst (L2)

Short company description

At Evolve today we offer complex Human Resources services, from business consulting to headhunting and recruitment. We have extensive experience in finding talented professionals, for a variety of industries, especially in the IT sector.
We started with a dream: to create a Human Resources company with a strong, unique profile on the market, deeply shaped by our core values: commitment to performance, professionalism, a balanced approach and deep satisfaction for our clients.
From that moment, we nurtured special relationships and we continuously evolved, being flexible, but staying true to our values. We aim higher and higher and we invite you to EVOLVE with us!

Requirements

As a SOC (Security Operations Center) Analyst, you will play a pivotal role in safeguarding our organization's digital assets and infrastructure. You will be responsible for monitoring, detecting, analyzing, and responding to security incidents and threats in real-time, ensuring the integrity, confidentiality, and availability of our systems and data. You will work closely with other cybersecurity professionals to proactively identify vulnerabilities, develop mitigation strategies, and enhance our overall security posture.

Qualifications:

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Relevant work experience may be considered instead of a degree.
At least 5+ years of experience as a SOC Analyst or similar role;
Professional certifications such as CISSP, CompTIA Security+, GIAC, or equivalent are highly desirable.
Proven experience working in a SOC environment, with hands-on experience in incident detection, analysis, and response.
In-depth knowledge of network protocols, operating systems, and cybersecurity principles.
Familiarity with SIEM platforms, log management solutions, and other security technologies.
Strong analytical and problem-solving skills, with the ability to quickly assess and prioritize security incidents.
Excellent communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams.
Ability to work under pressure in a fast-paced environment and respond to security incidents promptly and decisively.
Attention to detail and a commitment to maintaining the confidentiality, integrity, and availability of sensitive information.
Experience with scripting languages (e.g., Python, PowerShell) and automation tools is a plus.
Experience with FireEye/Trellix technologies is a plus.
Experience with OT/ICS environments is highly desired

Responsibilities

Responsibilities:

Monitor security events and alerts from various sources, including SIEM (Security Information and Event Management) systems, IDS/IPS (Intrusion Detection/Prevention Systems), firewalls, antivirus solutions, and endpoint detection tools.
Investigate and analyze security incidents to determine the root cause, scope, and potential impact, utilizing forensic techniques and tools when necessary.
Develop and maintain SOC procedures, playbooks, and workflows to ensure efficient incident response and resolution.
Collaborate with internal teams to identify and remediate security weaknesses, misconfigurations, and vulnerabilities in systems, applications, and network infrastructure.
Participate in threat hunting activities to proactively identify emerging threats and malicious activities within our environment.
Provide timely and accurate reporting on security incidents, including their status, impact, and remediation actions taken, to management and relevant stakeholders.
Stay up-to-date with the latest cybersecurity threats, trends, and technologies, continuously enhancing your skills and knowledge through training and certifications.
Assist in the implementation, configuration, and tuning of security tools and technologies to improve detection capabilities and reduce false positives.
Act as a subject matter expert on security-related matters, providing guidance and support to internal teams and stakeholders.
Contribute to the development and enhancement of SOC policies, procedures, and standards to ensure compliance with regulatory requirements and industry best practices.