Our client is Siemens Healthineers, a leading global medical technology company with more than 55,000 dedicated colleagues in over 70 countries, driven to shape the future of healthcare.
Overview: As a Level 2 SOC Analyst, you will be an essential part of our Security Operations Center (SOC), responsible for detecting, analyzing, and responding to security incidents. You will play a crucial role in safeguarding our organization's critical assets, ensuring the confidentiality, integrity, and availability of our systems and data. In this role, you will collaborate with a talented team of cybersecurity experts to proactively defend against cyber threats and actively contribute to the organization's overall security posture.
Manage and maintain security tools, including SIEM, EDR, and other security monitoring and analysis platforms. Fine-tune security systems to optimize their effectiveness.
Review and collect asset data (configurations, running processes, etc.) from affected systems for further investigation.
Determine and direct remediation and recovery efforts.
Perform deep-dive analysis of security incidents.
Develop and fine-tune SIEM use cases and propose ideas for new dashboards.
Recognize successful or potential intrusions and compromises through review and analysis of relevant event details.
Threat Analysis - Analyze security system logs, security tools, and available data sources on a day-to-day basis to identify attacks against the enterprise; report on irregularities, improper access patterns, trends, and event correlations; and make suggestions for detection rules and system tuning.
Incident Response - Perform incident response activities and ensure that proper protective or corrective measures have been taken once an incident has been discovered.
Incident Response - Independently follow procedures to contain, analyze, and eradicate malicious activity.
Incident Response - Develop and maintain technical documentation and Standard Operating Procedures (SOPs), and provide training on them.
Reporting - Document all activities during an incident and provide leadership with status updates throughout the incident life cycle.
Threat Hunting - Conduct proactive threat research.
SPAM/Phishing Analysis - Analyze email-based threats, including email communications, platforms, headers, and transactions, and identify malicious tactics, techniques, and procedures.
Malware Analysis - Run automated malware analysis to determine initial threat impact and take appropriate action.
2 to 4 years of experience as a SOC Analyst or in a similar cybersecurity role.
Strong knowledge of cybersecurity principles, protocols, and technologies.
Experience with security monitoring tools, SIEM solutions, and EDR systems.
Familiarity with various operating systems (Windows, Linux, etc.) and network architecture.
Understanding of common cyber attack techniques, such as malware, phishing, and ransomware.
Should have hands-on experience in handling advanced persistent threats.
Knowledge of EDR tools (Microsoft, CrowdStrike) is an advantage.
Problem-Solver - Applies tactical mitigations based on the results of analysis and determination of threat validity.
Knowledge of Azure, AWS, and Google Cloud Platform is an advantage.
Excellent analytical and problem-solving skills, with attention to detail.
Strong written and verbal communication skills, with the ability to articulate complex technical concepts to non-technical stakeholders.
Industry certifications such as Security+, CEH, GCIH, or similar are a plus.