Head of Technology Operations & Security leading IT and security for a deep - tech scale - up. Overseeing IT operations and governance while implementing security within quantum communication technologies.
About the role
- L3 SOC Analyst managing security escalation cases using threat intelligence at Hewlett Packard Enterprise. Focused on cybersecurity incidents and team mentorship in a hybrid environment.
Responsibilities
- Monitor work queues for new escalations from the L1/L2 team.
- Triage cases when there are multiple escalations in the queue.
- Perform deep-dive analysis on escalated cases.
- Uses Threat intelligence and IOA/IOC data to identify source and impact of attack.
- Clearly document your investigations as they progress and regularly add case notes to maintain situational awareness.
- Complete the investigations and recommend remediations for low and medium severity security incidents.
- Initiate a war room for confirmed or suspected critical security incidents and follow the documented incident response plan.
- Complete Post Incident Review (PIR) documentation for all medium and higher severity security incidents.
- Monitor work queues for new cases requiring review.
- Triage case reviews as required.
- Review cases completed by L1 analysts for quality, accuracy, and completeness.
- Immediately investigate any you suspect to be true security incident falsely closed in L1/L2.
- Provide feedback, guidance and mentoring to L1/L2 analysts where appropriate to improve their initial investigation skills.
- Recommend exceptions or changes to detection rules to reduce false-positive detection.
- Time permitting, perform proactive reviews of open and acknowledged events currently being triaged by the L1 team.
- Assist the peer L3 team in scheduled threat hunting activities.
- Develop queries or other methods for detecting new or previously undetected exploits, tactics, and techniques. Work with the Engineering team to implement these detections.
- Maintain situational awareness by being aware of new and emerging threats, including vulnerabilities, threat actors, tactics, and techniques.
Requirements
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field or equivalent experience desired.
- Generally, 5+ years in SOC, Incident Response, or Threat Analysis roles.
- Strong knowledge & understanding of common attack vectors and threat actor tactics, techniques, and procedures.
- Knowledge of Elastic SIEM is preferred. If not experience on any of the other SIEM tools like Sentinel, Splunk, QRadar, LogRhythm.
- Relevant industry qualification where applicable.
- Excellent verbal and written communication skills in language to be supported.
- Advanced troubleshooting skills in a technical environment.
- Excellent analytical and problem solving skills.
- Advanced Software and hardware knowledge of computing, storage and peripheral devices.
- Knowledge of multiple product lines (for example, proactive, reactive, storage, enterprise systems, tier 2 or 3 support, etc.).
- Advanced proficiency with case management databases and tools.
Benefits
- Health & Wellbeing: comprehensive suite of benefits that supports physical, financial and emotional wellbeing.
- Personal & Professional Development: programs catered to helping you reach any career goals you have.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Head of IT & Security Operations ensuring secure cloud - based IT for quantum communication technologies. Leading a small IT team and aligning security, compliance, and business priorities.
Senior Security Analyst triaging and investigating security alerts for award - winning IT provider. Collaborating to improve detection capabilities and mentor junior analysts in SOC environment.
Junior Network Analyst in NetSecOps at Porto managing network security and infrastructure. Focus on connectivity and collaboration for seamless communication across the company.
Solution Sales Manager driving revenue growth in financial services sector in Austria and Switzerland. Focused on ServiceNow IRM and Tanium solutions integration with consultative selling approach.
Cybersecurity Analyst at Trust Control monitoring threats and responding to incidents in the SOC. Engaging in continuous learning to enhance cybersecurity practices and strategies.
SecOps Engineer responsible for maintaining and improving application security in cloud infrastructure at Shopmonkey. Collaborating on security tools and processes with a focus on compliance and incident management.
Senior SOC Analyst at Telstra helping protect employees and customers from cyber threats. Leading incident response and threat analysis in Security Operations Centre.
Physical Security Operations Manager leading physical security initiatives and managing guard operations for data center construction. Focused on protecting assets and mitigating risks in critical environments.
Cybersecurity Analyst focusing on threat detection and incident response. Collaborating on vulnerabilities and ensuring a secure client environment at PwC.