Tuesday 8th January 2019

Security Operation Centre Analyst

We are seeking an SOC Analyst, Tier 3.

Trilogy Technologies is a leading provider of IT managed services for businesses across Ireland and the UK. We offer career progression opportunities for all in a fun and caring environment. Following our recent acquisition of Zinopy, our portfolio has deepened to cover a range of specialised security and virtualisation managed services.  These companies now form Trilogy Technologies Group and we have plans to further grow our customer base in existing and new markets.

Job Description

Explores ways to identify stealthy threats that may have found their way inside networks, without detection, using the latest threat intelligence.

Key Responsibilities

  • Collects, documents, assesses, and analyses cyber threat information; presents reports and findings to management.
  • Performs digital forensic tasks for cyber-criminal activities. Conducts penetration tests on production system to validate resiliency and identify areas of weakness to fix.
  • Recommends how to optimise security monitoring tolls based on threat hinting discoveries. Provides technical assistance to other incident response and security operation teams, such as vulnerability assessment and intrusion detection.

Job Function

IT Security: Physical and electronic protection of data: access control, intrusion detection, virus protection, certification, audit, incident response, security engineering, development and implementation of security policies and procedures

Role Classification

Management; Senior Level Consulting

Functional, technical or process leadership; Management of multiple teams; High complexity and ambiguity; Tactical responsibilities

Technical

Focus on technical activities that require specialised knowledge

Minimum Qualifications

  • Masters or Bachelors degree in technical engineering or IT related field; or equivalent experience.
  • 4+ years of experience working in Security Operations Centre with a Security Incident and Event Management (SIEM) to correlate events across several devices.
  • Certified Information Systems Security Professional (CISSP) or equivalent required.

 

Business Competencies

•  Information Capture

Knowledge of the methods, channels and processes to obtain needed information; ability to identify, capture and document relevant business information in an auditable, organised, understandable and easily retrievable manner.

•  Service Excellence

Knowledge of customer service concepts and techniques; ability to meet or exceed customer needs and expectations and provide excellent service in a direct or indirect manner.

 

Individual Competencies

•  Accuracy and attention to detail

Understanding of the necessity and value of accuracy and attention to detail; ability to process information with high levels of accuracy.

•  Analytical thinking

Knowledge of techniques and tools that promote effective analysis and the ability to determine the root cause of organisational problems and create alternative solutions that resolve the problems in the best interest of the business.

•  Decision making and critical thinking

Knowledge of the decision‐making process and associated tools and techniques; ability to accurately analyse situations and reach productive decisions based on informed judgment.

•  Effective communications

Understanding of effective communication concepts, tools and techniques; ability to effectively transmit, receive, and accurately interpret ideas, information, and needs through the application of appropriate communication behaviours.

•  Flexibility and adaptability

Knowledge of successful approaches, tools, and techniques for dealing with changes and adapting to a changing environment; ability to adapt as needed.

•  Problem solving

Knowledge of approaches, tools, techniques for recognising, anticipating, and resolving organisational, operational or process problems; ability to apply this knowledge appropriately to diverse situations.

•  Taking ownership

Knowledge of the current situation or issue at hand;ability to take full personal responsibility or ownership for assignments, activities, decisions and results.

 

Leadership Competencies

•  Tolerance for ambiguity and stress

Understanding of the necessity of moving forward with less than perfect information and ability to flexibly and comfortably adapt to changing work demands.

 

Technical ‐ Information Technology

•  Application security

Knowledge of the tools and processes for maintaining application security; ability to design and implement security programs to prevent data loss and access intrusion from web and mobile applications.

•  Change control

Knowledge of the process and procedure by which a change is identified, evaluated, approved, monitored and documented; ability to effectively control and manage changes in the production environment and in the technology‐based assets of the organisation (e.g., application software, production databases, operating systems software, hardware).

•  Computer forensics

Knowledge of technologies, methods and tools of forensics investigations for IT security violations or potential threats; ability to identify, uncover and evaluate violations, warning reports, suspected incidents and insidious events.

•  Computer network defence

Knowledge of methods and processes to monitor, analyse and respond to network attacks, intrusions or any unauthorised actions; ability to use techniques and tools to perform network defence.

•  Cybersecurity risk management

Knowledge of tools, techniques, approaches and processes of cybersecurity risk management; ability to ensure organisational network operation and minimise negative effect by cybersecurity risks.

•  Data networks

Knowledge of concept and features of data networks and the ability to manage an organisation’s data networks for internal and external information transmission.

•  Data privacy

Knowledge of and ability to protect an organisation’s data to ensure privacy during the process of storage and communication.

•  Digital threat management

Knowledge of techniques, approaches and processes of digital threats; ability to detect, monitor, analyse and prevent digital threats.

•  Information assurance

Knowledge of and the ability to protect information and information systems while ensuring their confidentiality, integrity and availability.

•  Information security audits

Knowledge of and the ability to utilise tools and techniques for assessing the effectiveness of information security measures, identifying potential risk exposures, and protecting the availability, confidentiality and audit trails of information from destruction or manipulation.

•  Information security management

Knowledge of the processes, tools and techniques of information security management, ability to deploy and monitor information security systems, as well as detect, resolve and prevent violations of IT security, to protect organisational data.

•  Information security technologies

Knowledge of technologies and technology‐based solutions dealing with information security issues; ability to apply these in protecting information security across the organisation.

•  Information Technology (IT) security policies

Knowledge of IT security policies, standards, and procedures; ability to utilise a variety of administrative skill sets and technical knowledge to ensure cyber security compliance.

•  Internet of Things (IoT) security

Knowledge of concepts, methods and trends of Internet of Things security; ability to utilise tools and technologies to secure connected IoT devices and network.

•  Intrusion detection and prevention

Knowledge of tools, techniques and processes of intrusion detection and prevention; ability to detect, resolve and prevent intrusion behaviours to protect organisational networks.

•  Mobile security

Knowledge of the threats, measures and practices of mobile security; ability to reduce mobile risks and protect personal and organisational data and information.

•  Network and internet security

Knowledge of the tools and processes for maintaining network and Internet security; ability to develop and implement safeguards for the prevention of intrusion and unauthorised access.

•  Network architecture

Knowledge of network concepts, technologies, tools and philosophies, and the ability to design an organisation’s network infrastructure and services.

•  Security Information and Event Management (SIEM)

Knowledge of concept, procedures and processes of Security Information and Event Management (SIEM); ability to utilise related applications to protect organisational networks from cyber risks.

•  Vulnerabilities assessment

Knowledge of vulnerability assessment tools, techniques, models, and systems; ability to utilises the knowledge to identify vulnerabilities on network, operating system, mobile application.

APPLY FOR THIS POSITION

Captcha code