JUST ONE, on behalf of its client, a well-known company active in cyber security and cyber defense in Greece and abroad, is looking for a:
Senior SOC Engineer L2 (QRadar)
The Senior SOC Engineer will support the multiple functions that keep our SOC operations running strong. Ideal candidates will have over 2 years of experience with security incident handling and response tasks as well as hands-on experience with a SIEM solution.
The engineer should be competent to work at a high technical level, be a strong team player and be willing to follow applicable processes and procedures while maintaining the flexibility to “think outside the box”.
Responsibilities:
Assist and mentor L1 Analysts on triage.
Perform tier 2 incident analysis and response for escalated incidents.
Communicate with SOC management, senior SOC staff and customers regarding investigations and status updates.
Design, create and maintain custom SIEM content (creation, evaluation and tuning of rules, reports, dashboards, etc.).
Design, create and maintain custom tools that support incident handling and response activities.
Conduct research on attacker methodologies and tactics, system vulnerabilities and key indicators of attacks and exploits, in order to enhance the threat and technical intelligence of the Cyber Defense services.
Responsible for the continuous availability and support of the on-premises and cloud SOC infrastructure as well as of the CPEs (customer premises equipment).
End-to-end client integration with the SOC (client onboarding) for fresh installations and ad hoc scope expansions.
SOC infrastructure design, implementation, maintenance and support.
Manage system health and capacity utilizing monitoring tools.
Development and improvement of manuals and documentation (deployment and configuration guides, troubleshooting guides, technical articles, etc.).
Interface regularly with the SOC Manager to provide feedback on SOC operations.
On-call support during non-business hours.
Perform other duties as assigned by management.
Requirements:
3+ years of experience in information security, with at least 2 years in incident analysis and response activities. Experience in a SOC environment is preferred.
Demonstrated experience with a SIEM product.
Significant experience analyzing logs from a variety of sources.
Experience with packet analysis (Wireshark) and malware analysis.
Knowledge of current security trends, threats, and techniques.
Experience with scripting (Perl, Python or bash).
Good verbal and written communication skills (Greek and English).
Desired: an IT security certification such as GCIH/GCIA/CEH/CISSP, or product certifications such as SIEM certifications, or the ability to obtain one via self-study within one year of the hire date.
The company offers:
Competitive compensation package
Career development and growth opportunities
Continuous training in new technologies and tools
To apply, please send your CV to firstname.lastname@example.org with the reference "QRADAR".