- Security monitoring in SIEM (Security Information and Event Management), EDR (Endpoint Detection and Response) and other sources
- Investigate, review and triage alerts and identify real threats from false positives
- Create incidents for potential attacks
- Fine-tune rules in collaboration with content engineering team
- Regular participation in cyber review meetings with the customers’ IT security teams to discuss the escalated incidents, issues, and fine-tuning suggestions
- Support and mentor the L1 Analyst team in daily operation
- Generate reports for both technical and non-technical staff and stakeholders
- Be up-to-date on the latest threats in IT.
- IT Security experience
- Technical knowledge and experience with at least one well-known SIEM or security analytics solution
- Solid knowledge of Windows and Linux operation systems
- General knowledge of web security, network protocols, devices, services, and related technologies (Firewall, IPS/IDS, web proxy)
- Understanding of host-based security tools such as anti-virus and EDR
- IT Security Certificate(s) (CompTIA, EC-Council or equivalent)
- Strong analytical and problem-solving skills, ability to analyze logs of various devices, solutions
- Reliable English communication skills (both written and verbal)
Advantages
- Previous SOC experience
- Experience with EDR solutions
- Experience with ICS, OT and IoT security solutions
- Vendor certificates (IBM, Microsoft, Splunk, CrowdStrike or equivalent)
- Any advanced security certificate (GSEC, OSCP/OSCE or equivalent)
- Basic presentation, project management, document management skills
- German communication skills
* Please be informed that our remote working possibility is only available within Hungary due to European taxation regulation.