SOC Engineer - Porto, Portugal - Landing

    Full time
    Description
    At Decskill (Permanent), in Porto, Portugal
    Remote policy: Partial remote

    Decskill was founded in 2014 as an IT consulting company; its main mission is to deliver value through knowledge. We enable companies to meet the challenges of the digital world by providing our clients with business models that ensure technological capacity, flexibility and agility. We are more than 600 consultants with offices in Lisbon, Porto and Madrid. DECSKILL operates in 3 main areas:
    • DECSKILL TALENT, through which we provide our clients with an extension to their IT teams;
    • DECSKILL BOOST, through which we provide our clients with software development models to increase capacity and optimize time-to-market, where we create and manage teams that deliver according to their needs, at the desired speed;
    • DECSKILL CONNECT, through which we provide our clients with consulting services, as well as the implementation and management of information technology infrastructures.
    Our practice results in the creation of value for our customers, either by delivering qualified and value-added services, or through highly qualified and motivated professionals, as well as technology solutions that allow us to operate and transform the business of our customers.

    We are looking for a SOC Analyst (L2) for a hybrid project based in Porto. Responsibilities:
    • Detection, categorization and investigation of infrastructure, applications and security incidents;
    • Vulnerability management on critical vulnerabilities (handling, categorization and follow-up);
    • Leading incident response plans;
    • Follow-up of remediation plans;
    • Implementation of detection scenarios and treatment of associated alerts;
    • The L2 SOC Analyst is responsible for monitoring and analyzing the organization's networks and systems on a daily basis to detect, identify, investigate, and mitigate potential threats. They must be able to identify anomalous behavior, recognize patterns of malicious activity, and take appropriate corrective action.

    Main requirements

    • Knowledge of the operating principles of Security Information and Event Management (SIEM) solutions;
    • Good experience with Splunk search syntax (SPL) and regular expressions;
    • Good knowledge of network and system architectures;
    • Knowledge of the operation of intrusion detection probes and event log correlation tools;
    • Good understanding of the MITRE ATT&CK framework and of the countermeasures linked to its tactics and techniques;
    • Good understanding of Information monitoring and analysis tools and methods;
    • Good understanding of the security standards for different technologies (web servers, messaging, database, DNS, proxy, firewall, etc.);
    • Good understanding of one or more of the following topics: web application vulnerabilities; malware types (rootkit, ransomware, botnet, etc.); obfuscation and persistence techniques (cryptography, packing, etc.); digital investigation/analysis tools; sandbox behavioural analysis;
    • Good level of English – minimum B2 level.