This position is responsible for monitoring, analyzing, and responding to security events and incidents within the Security Operations Center (SOC) for Admiral Europe, based in Spain. The role involves real-time event and alarm analysis, threat management, and continuous monitoring of security alerts in both on-premises and cloud environments. The SOC Analyst will be instrumental in ensuring the early detection and effective response to security incidents, while also contributing to the continuous improvement of security monitoring through the development and tuning of use cases.Functions and Responsibilities:Monitor, analyze, and respond to security events and alerts generated by the SIEM and other security tools.Investigate and triage security incidents, identifying the root cause and scope of the threat.Manage and respond to security incidents according to established SOC procedures and escalation paths.Conduct threat analysis using both structured and unstructured data from various sources (logs, alerts, and threat intelligence feeds).Continuously develop and refine use cases in the SIEM, ensuring accurate detection and alerting for a variety of threat scenarios.Propose and implement improvements to detection capabilities based on lessons learned from incident investigations.Maintain situational awareness of the evolving threat landscape and proactively adjust detection rules and use cases.Document findings, remediation steps, and recommendations for improvement in incident reports and knowledge base articles.Support the implementation and tuning of new security tools and technologies as required.Assist in developing and maintaining procedural documentation for security monitoring and response.Participate in purple team exercises to validate detection capabilities and identify gaps in current monitoring coverage.
#J-18808-Ljbffr