SOC Senior Security Analyst - Secureworks - Zurich, Switzerland

Zurich, Switzerland

06/07/2019Save this jobJob savedApply nowApply now

SOC Senior Security Analyst

Zurich

Secureworks Overview

Secureworks (SCWX-NASDAQ) is a global leader in intelligence-driven information security solutions. We help organizations confidently pursue business goals in a digitally-connected world.  Consistently recognized by industry analysts and readers’ polls, we are one of the best in the world at understanding and anticipating threat behavior. We see 250 billion events every day across 4400 clients in more than 55 countries, and our solutions work across all the layers of a client’s security environment, including 330 different vendor technologies. Join a talented, dedicated, and diverse team of researchers, analysts, engineers, consultants and business professionals who are focused 100% on protecting our clients from cyber threats. We seek out the brightest minds and empower our teams with the tools and support they need to fight the bad guys and maintain our company’s leadership in the cyber security industry.

Uniquely positioned to adapt as the industry evolves, we are also proud to be part of the Dell Technologies family. We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.

Role Overview

We’re looking for a Senior Security Analyst to join the SOC in one of our key clients in Zurich. You’ll be proactively managing IT security on behalf of our customer to reduce the impact of security incidents and system compromises. You’ll provide security monitoring, event analysis, countermeasure proposals and technical leadership to the internal team and client stakeholders.

Responsibilities:

• Performing daily analysis of security events from multiple sources such as SIEM, network and host based IDS, firewalls, system logs, mainframes, midrange, applications and databases.


• Perform security threat analysis of various malware and web attacks, working with clients to remediate security related issues based on operation needs


• Launch and track security investigations to resolution. Recognise attacks based on their signatures and be able to differentiate false positions from true intrusion attempts to help remediate/prevent.


• Actively investigate the latest in security vulnerabilities, advisories, incidents, threat intelligence and penetration techniques and notification the client when appropriate


• Coordinate with the client’s internal SOC/CIRT teams for relevant security incident investigations


• Assisting in building SOC and CIRT processes, procedures and training


• Conduct vulnerability assessment and reporting


• Review documentation and make recommendations for improvement


• Coach and mentor junior peers around the areas such as incident handling, event analysis and correlation, SIEM, IPS/IDS, log monitoring and threat management

Requirements:

• 5+ years experience working in a SOC


• Experience with some of the following:
  
  
  
  • SIEM (Splunk, Arcsight, QRadar etc)
  
  
  • Security event analysis
  
  
  • Well-known networking protocols and services (TCP, IP, FTP, HTTP, SSH, SMB, LDAP, etc.)
  
  
  • Packet analysis tools (tcpdump, Wireshark, ngrep, etc.)
  
  
  • IPS/IDS
  
  
  • Firewalls
  
  
  • Incident Response & Forensics
  
  
  • Pentesting
  
  
  • Vulnerability Assessment
  
  


• Excellent problem solving skills that would allow for the ability to diagnose and troubleshoot technical issues


• Customer-oriented with a strong interest in client satisfaction


• Attention to detail and great organisational skills


• Confidence and ability to operate in a Senior role as a de facto technical leader within the SOC team


• Certifications: GCIA, GPEN, GWAPT, GCIH, GSEC, OSCP, OSCE, OSCP, CEH or similar certification preferable

Hours: Mon-Fri, normal business hours

Why join Secureworks?

Life at Secureworks means collaborating with dedicated professionals with a passion for technology. When we see something that could be improved, we get to work inventing the solution. Our people demonstrate our winning culture through positive and meaningful relationships. We invest in our people and offer a series of programs that enables them to pursue a career that fulfils their potential. Our team members’ health and wellness is our priority as well as rewarding them for their hard work. 

As a leading technology employer, we actively encourage further development for our employees. This is done through our range of internal training programmes, training affiliation with SANS GIAC, various vendors, encouragement for the team to go technology conferences or even our regular company hackathons.

Secureworks, a Dell Technologies company, is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Secureworks are based on business needs, job requirements and individual qualifications, without regard to race, colour, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Secureworks will not tolerate discrimination or harassment based on any of these characteristics. 

Job Family: SecureworksJob ID: R72820

Apply nowApply now