SOC Analyst Tier 3 (Full Time)

Park West, Ireland

Description

Purpose of the role:
The Senior Security Operations Centre (SOC) Analyst assists in deploying, maintaining, tuning, monitoring, and managing security tools related to the Security Operations Centre. The Senior SOC Analyst functions as a Level 3 analyst and acts as a mentor to other members of the team. The Tier 3 SOC Analyst reviews alerts from Level 2 analysts and from Zinopy network security devices, security information and event management, and other tools as needed; works with other analysts to collect, correlate, and analyse security-relevant data; and responds to threats in a timely manner. This position reports to the SOC manager.

Role and Responsibilities:

• Performance and power modelling and evaluations of existing and future designs
• Defining and evaluating SIEM software and firmware optimisations
• Workload & benchmark definition and development
• Lead consulting engagements focused on the assessment, design, and implementation of enterprise-scale QRadar solutions

• Build, operate, and develop or maintain a SIEM infrastructure.
• Provide architecture-level design to support and operate Security Information and Event Management (SIEM) or Security Event Management (SEM) best practices
• Design SIEM to meet growth while maintaining the balance between performance, stability, and agility.
• Manage customer expectations, onboard data into SIEM support projects in multi-site or clustered SIEM installations
• Assist with the development of advanced reports to meet the requirements of key stakeholders.
• Conduct research in areas driven by customer use cases, architect and support systems used to configure and deploy enterprise SIEM log management solutions and develop automation for security tools management.
• Assist with the automation, deployment, integration, and testing of enterprise systems and services and create and optimize Big Data correlations

Service Delivery Responsibilities:

• Carry out a quarterly audit of the SIEM infrastructure for all customers
• Be a project lead and ensure all the SIEM projects are delivered in line with customer expectations and best practices
• Provide input to technical estimates created with standard tools, portfolio Work Breakdown Structures, statements of work and industry-standard estimating techniques.
• Provide mentoring to other members of the Security Operations Centre team
• Design and deploy Vulnerability Management and remediation
• Will be required to work on customer sites from time to time.


Essential Skills:
Strong problem-solving skills, critical thinking, excellent analytical ability, strong judgment and the ability to deliver high performance and high levels of customer satisfaction in a matrix-managed environment.
• Experience with SIEM technology, preferably IBM QRadar
• Knowledge of devices such as firewalls, IPS/IDS, routers/switches
• Security certifications (CISSP, GIAC certs) preferred
• ITIL V3 certified
Education and Experience:
• 4+ years of experience working in a Security Operations Centre with a Security Incident & Event Management (SIEM) system to correlate events across several devices.
• Strong understanding of network devices such as Intrusion Detection Systems (IDS)/Intrusion Prevention Systems (IPS), firewalls, network packet capture tools, and file integrity monitoring tools.
• Proficient knowledge in incident prevention, detection and response tools
• Knowledge of network and server security products, technologies, and protocols
• Requires background in at least 2 of the following domains: hacking and incident response; network forensics; security engineering; security analysis and investigation

 

Salary

On application