.At Lognext we have been accompanying companies and teams for more than 18 years to identify and implement the technology necessary to advance, making their challenges and objectives our own and getting closer to their reality. Therefore, being a NEXTER means that your career and talent become meaningful to you and those around you, allowing you to build what matters most to you and reach your next level.We are looking for a Cyber Security Operations Consultant to join our team for a multinational leader in the information security sector .Key Responsibilities:Monitor and investigate alerts leveraging Microsoft Security Tools (e.G. M365, Cloud App Security, Azure, Defender for EndPoint, Azure Security, Azure Sentinel and XDR).Monitor and triage AWS security events and detections.Monitor and investigate alerts leveraging EDR solutions.Review security events that are populated in a Security Information and Event Management (SIEM) system.Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident.Identify incident root cause and take proactive mitigation steps.Assist with incident response efforts.Follow precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, alerts, etc.Integrate and share information with other analysts and other teams.Determine and direct remediation and recovery efforts.Provide other ad hoc support as required.Skills:Knowledge of Transmission Control Protocol / Internet Protocol (TCP/IP) protocols.Deep knowledge of Microsoft Security Tools (e.G. M365, Cloud App Security, Azure, Defender for Endpoints, Azure Security, Azure Sentinel and XDR).Deep Knowledge of Cloud technologies (e.G. Azure, AWS and GCP).Deep knowledge of SIEM tools like Splunk, QRadar, ArcSight, MSSentinel, ELK Stack.Knowledge of at least one EDR solution (MS Defender for Endpoint, SentinelOne, Crowdstrike). - Knowledge of email security, network monitoring, and incident response.Knowledge of Linux/Mac/Windows.A minimum of five (5) years of relevant experience in information technology field, including triage of alerts and supporting security incidents.Proven experience with the usual toolbox available in a SOC (e.G., SIEMs, EDRs), able to autonomously perform technical analysis of security threats and collaborate with Incident Response team.Trouble ticket generation and processing experience.Extensive Windows, Linux, Database, Application, Web server, etc. log analysis.Expert knowledge of English, both written and spoken, is required.Job Conditions & Benefits:Permanent contractWork Mode: RemoteCompetitive salaryMulticultural and global environment: Collaborate with professionals from diverse nationalities and cultures, expanding your perspective and strengthening your intercultural skills
