Experience level: Intermediate

Estimated project duration: 3-6 months

Hourly requirement per week: More than 30 hrs/week

Freelancer location requirement: Germany

This project has expired

Description

Tier 2 Security Analyst

Security Analysts comprise the primary labor force within the Security Operations Center. Security Analysts come from an enterprise background with at least three years’ experience working in a security-related field, enabling them to undertake a wide variety of tasks across a number of different platforms. Analysts will handle day-to-day tasks, as well as short-notice ad-hoc work, and see them through to completion with minimal supervision. Security Analysts provide critical value to the RSA Security Analytics management service, leveraging their extensive knowledge to provide context to events; recommendations for remediation actions; and suggestions for implementing best practices and improving standard processes and procedures.

Duties of the Tier-2 Security Analyst include:

- Providing "eyes on glass" real-time security monitoring in a 24x7 environment;
- Active real-time security monitoring of alerts and escalating critical alerts in compliance with the appropriate service levels;
- Advanced security event detection and threat analysis for complex and/or escalated security events;
- Providing log/network/malware/device analysis and making recommendations for remediation of security vulnerability conditions;
- Developing internal and/or external documentation, such as detailed procedures, playbooks, and operational metrics reports;
- Performing level 1 assessment of incoming alerts (assessing the priority of the alert; network troubleshooting, such as ping and traceroute) and coordinating with Senior Analysts for high-priority incidents, if necessary;
- Maintaining the SOC Knowledge Base;
- Performing various related tasks as assigned.

Required Skills & Experience:

- Experience in SIEM environments (especially QRadar)
- Basic knowledge of scripting, parsing and query development
- Experience in tuning use cases & content, driven by day-to-day optimizations
- Bachelor's or higher degree in Computer Science, Information Security or a similar discipline
- Good documentation and communication skills
- Exceptional problem-solving skills
- Ability to drive process improvements and identify gaps
- Proactive in engaging with customers, client executives and management teams
- Good understanding of the threat landscape and indicators of compromise
- Knowledge of hunting techniques
- At least 2-3 years of SOC experience plus additional experience in other related fields
- Clear and concise written and oral English
- Security vetting in Germany might be required

Desired Skills & Experience:

- Platform experience with competing correlation platforms a plus
- ITIL certification
- CISSP, SANS GIAC
- Basic forensic knowledge

Tier 3 Security Analyst

Tier-3 Security Analysts are experts in the field of security event analysis and incident handling; they typically have five to seven years of previous SOC experience, as well as technical certifications to reinforce their practical experience. Tier-3 Security Analysts have a clear understanding of the demands of the dynamic Managed Security environment and use these skills to provide day-to-day direction to Analysts on the team, as well as ensuring smooth shift operations.

Tier-3 Security Analysts will also be involved in the day-to-day analysis of newly reported threats. In addition, they will provide additional context and consultation to help progress issues for quick resolution, perform analysis and tuning of the Security Analytics and SOAR platform configuration and use cases, and create, review, approve, and publish customer-facing reports on threat intelligence, operational metrics, and/or service performance.

Duties of the Tier-3 Security Analyst include:

- Active real-time security monitoring of alerts and escalating critical alerts in compliance with the appropriate service levels;
- High-level security system analysis, including proactive policy evaluation and tuning;
- Leading the research and resolution of complex and/or escalated issues, including technical troubleshooting calls with the Customer and other teams;
- Management of complex changes and vendor interaction;
- Creation of security documentation, including policies and procedures, training documents, playbooks and operations manuals;
- Liaising with the customer's senior management and other teams on service improvement initiatives;
- May also provide Team Lead functions, including supervision of staff, escalation management, and performance appraisal contributions;
- Developing and maintaining the SOAR platform.

Required Skills & Experience:

- Expert technical skills in QRadar and Palo Alto Cortex XSOAR
- Expert technical skills in scripting, parsing and query development
- Experience building & managing use cases & content, driven by customer or internal requirements
- Bachelor's or higher degree in Computer Science, Information Security or a similar discipline
- Strong documentation and communication skills
- Exceptional problem-solving skills
- Ability to drive process improvements and identify gaps
- Proactive in engaging with customers, client executives and management teams
- CISSP, SANS GIAC or related certifications
- In-depth understanding of the threat landscape and indicators of compromise
- Hunting techniques & forensic research experience
- At least 3-5 years of SOC experience as a senior engineer plus additional experience in a SOC T2 Analyst role

Desired Skills & Experience:

- ITIL certification
- SIEM solution design/architecture experience
- ISO 27K audit & compliance experience
- Infrastructure management expertise on different platforms