(Os-499) - Security Operations Analyst (SIEM)

Company:

Quanta Part Of Qcs Staffing


Job details

Security Operations Analyst (SIEM) - 6-Month Contract - Spain / fully remote

Long running contract opportunity for a Security Operations Analyst to work on a fully remote basis, or hybrid / onsite at the client's offices in Valencia, Spain.

You'll join an existing security operations team and help manage, identify and resolve security-related incidents with the main client and its end customers.

One of your main responsibilities will be the administration and engineering of SIEM platforms.

Single stage Teams interviews will take place at the end of June with onboarding in July or early August. It will be an initial 6 month contract that will extend multiple times, probably running for four years or more.

Your Security Operations Analyst duties:

- Build, adjust and implement analytics and detection rules for SIEM, EDR and AV
- Contribute to the preparation of KPIs for cybersecurity operations capabilities
- Monitor and investigate alerts leveraging Microsoft Security Tools (e.g. M, Cloud App Security, Azure, Defender for EndPoint, Azure Security, Azure Sentinel and XDR)
- Monitor and triage AWS security events and detections
- Monitor and investigate alerts leveraging EDR solutions
- Work with alerts from the CSOC Analysts, to perform in depth analysis and triage of network security threat activity based on computer and media events, malicious code analysis, and protocol analysis
- Review trouble tickets generated by CSOC Analyst(s)
- Provide other ad hoc support as required

You will have:

- Knowledge of Transmission Control Protocol / Internet Protocol (TCP / IP) protocols
- Experience with Microsoft Security Tools (e.g. M, Cloud App Security, Azure, Defender for Endpoints, Azure Security, Azure Sentinel and XDR)
- Knowledge of Cloud technologies (e.g. Azure, AWS and GCP)
- Experience with SIEM tools like Splunk, QRadar, ArcSight, MS Sentinel, ELK Stack
- Knowledge of at least one EDR solution (MS Defender for Endpoint, Sentinelone, Crowdstrike)
- Experience in reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs)
- Proven experience on administering a SIEM platform, preferably either Splunk or Microsoft Sentinel SIEM
- Fluent English

This is a live requirement. The client is an international organisation that will look great on your CV. It offers a collaborative and enjoyable work environment, with a team of international technical professionals.

If you have SOC / SOA experience and want a new opportunity, get in touch today.



Source: Jobleads


Built at: 2024-10-21T10:46:08.781Z