*project description*:
Luxoft, a DXC Technology Company, is an established company focusing on consulting and implementation of complex projects in the financial industry. At the interface between technology and business, we convince with our know-how, well-founded methodology and pleasure in success. As a reliable partner to our renowned customers, we support them in planning, designing and implementing the desired innovations. Together with the customer, we deliver top performance!
For one of our clients in the insurance segment, we are searching for a SOC Analyst.
*responsibilities*:
Review security events and alerts from various sources, such as AV, CSPM, CWPP, DLP, EDR, firewalls, IDS/IPS, and security information and event management (SIEM) systems.
Identifying potential security incidents, vulnerabilities and exposures through the analysis of security-related events and analytics.
Responding to security incidents following established incident response procedures, and escalating incidents as necessary.
Triage and classify security incidents based on their severity and potential impact as per SLA SOP.
Analyze scheduled and ad-hoc reports.
Monitor the health of customer security sensors and SIEM infrastructure.
Collect data and context necessary to initiate Level 2 escalation.
Communicating security risks and incidents to other members of the SOC team and to management.
Keeping accurate and detailed documentation of security incidents, vulnerabilities, and exposures.
Participating in incident response activities, including forensic analysis and incident containment.
Assist in the implementation of security policies, procedures, and controls.
Keeping abreast of new security threats and vulnerabilities, and recommending appropriate countermeasures.
Participating in on-call rotation and being available for incident response during off-hours.
*skills*:
Must have
Bachelor's degree in computer science, computer engineering, cybersecurity, or related field.
Minimum 5+ years of experience working in infosec operations.
Solid understanding of Linux system administration and networking.
Knowledge of AWS, Azure or GCP cloud environments.
Knowledge of a SIEM platform such as Splunk/ELK Stack.
Scripting experience in Python or PowerShell.
Good communication skills.
Nice to have
CompTIA CySA+, CEH or AWS certifications would be a plus.
Understanding of DBs (SQL and NoSQL) is a plus.
Scripting (Python) skills are a plus.
*languages*:
English: C1 Advanced
*seniority*:
Regular
*relocation package*:
If needed, we can help you with the relocation process.
Vacancy specialization
Other consulting
Ref number
vr-96353