L1 Soc Analyst
2 mesi fa
About Us Integrity360 is one of Europe's leading cyber security specialists operating from office locations spread out across Europe, providing a comprehensive range of professional, support and managed cyber security services for our 300+ clients.
With four top-class Security Operation Centers, we offer a complete end-to-end security services covering our clients' security from every angle.
Our services include Managed Security, Cyber Security Testing, Incident Response, Security Integration, PCI Compliance and Cyber Risk Assurance services.
What sets Integrity360 apart is our excellent team of people that drive the business forward.
The company was founded with a focus on technical expertise and that philosophy remains today.
The skills and experience in our company are some of the greatest in the industry and clients remain with Integrity360 because they can rely on and trust us to go above and beyond to ensure their needs are met.
Listed multiple times on Gartner Market Guides for Managed Security Services.
Job Description:As a Level 1 SOC Analyst, you will mainly be responsible for monitoring security events and triaging alerts in a timely manner.
Additionally, you may assist in incident response activities within the CSOC (Cyber Security Operations Center).
This entry-level position is pivotal in maintaining the security posture of the customers that Integrity360 provides security services to.
Responsibilities:Under supervision of CSOC Manager and/or Team Leader, learn how to and be responsible for: Security event monitoring:Monitor security alerts generated by various security tools such as SOAR, SIEM, IDS/IPS, EDR, and XDR systems.
Alert triage:Analyze and triage security alerts promptly to determine their validity and severity.
Prioritize alerts based on established procedures and escalate them as necessary.
SLA handling/management:Aspire to manage security events in accordance with applicable (response and resolution) SLA's.
Incident investigation:Conduct preliminary investigations of security incidents to gather relevant information such as indicators of compromise (IOCs), affected systems, and potential impact.
Documentation:Document all activities, findings, and actions taken during incident response and investigation processes.
Maintain accurate incident records and update incident tracking systems accordingly.
Collaboration:Collaborate with cross-functional teams including network operations, system administrators, and other SOC analysts to resolve security incidents and mitigate potential threats.
Continuous improvement:Stay updated on the latest cybersecurity threats, vulnerabilities, and best practices.
Provide feedback on SOC processes and procedures to improve efficiency and effectiveness.
Communication:Communicate in an appropriate manner with internal resources and customers and perform customer escalations as per defined playbooks and other relevant documentation.
Knowledge and Skills: Fluent in English Italian Basic understanding of cybersecurity principles, including network security, endpoint security, and threat intelligence Familiarity with security technologies such as SIEM, IDS/IPS, firewalls, and EDR/XDR solutions Proficiency in using security tools and software for monitoring and analysis purposes Strong analytical and problem-solving skills with attention to detail Ability to work effectively in a fast-paced environment and prioritize tasks accordingly Good communication skills, both written and verbal, with the ability to convey technical details Certifications (preferred but not required): CompTIA Security+ GIAC Security essentials (GSEC) Blueteam security level 1 #J-18808-Ljbffr