Cyber SOC Specialist

To strengthen our Cyber Security Operations Centre (SOC) team, we are looking for a:

CYBER SOC SPECIALIST

ROLE

The SOC at SICPA is built of the most advanced and recent cyber technologies. Without levels distinction (Tier-1/2/3), the Cyber SOC Specialist has an exclusive role and will perform both Operations duties and Engineering activities.
 
Operational activities :

• Monitor the firm’s environment for abnormal behaviour and potential security breaches by triaging security alerts.
• Perform thorough investigations of security alerts generated by our Cyber detection tools.
• Launch response measures to security incidents within the SICPA network, infrastructure, identity management and applications.
• Work closely with the Threat Intel team during investigation  and Threat assessment.
• Utilize industry standard network and host forensic tools in order to fully understand the scope of an incident.
• Work the full ticket lifecycle; handle every step of the alert, from detection to remediation.
• Perform threat hunting by searching our existing infrastructure for signs of malware and malicious events not detected by our existing security controls.
• Document and present activities and progress.
• Perform piquet duties.
• Operations is performed during business hours (no night operations).

 
Engineering activities : 

• Be deeply involved in the evaluation and implementation of new cybersecurity technologies.
• Deploy and improve industry leading technology tools and solutions to enhance the security posture for SICPA keeping them up-to-date and use their full potential.
• Provide technical expertise regarding the protection of company information, systems, networks, and applications plus assists with implementation of counter-measures or mitigating controls.
• Build new detection rules and tune existing rules to have the most accurate monitoring system and avoid triage fatigue with false positive events.
• Develop a strong working relationship with key business and technical partners to ensure cross-organization, co-operation and business support.
• Help to develop, implement, and maintain SOC policies, processes and procedures.

PROFILE

• Experience in a similar environment (SOC, CERT, CSIRT) including Monitoring, Deception mechanism, Hunting and Incident response including Investigation and Forensic (minimum 2 years)
• Bachelor degree in Cyber security or equivalent.
• Practical experience with security technologies such as firewalls, IDS/IPS, SIEM, anti-malware, web filtering, vulnerability scanning and endpoint detection and response tools.
• Hands-on experience in investigating and responding to common types of cyber attacks.
• Strong understanding of enterprise IT, including networking infrastructure, operating systems, cloud and SaaS services, systems administration, data centers and software applications.
• Good communications skills to effectively summarize and present findings.
• Ability to engender positive and reliable work attitude when confronting with high pressure business situations.
• Very good knowledge of English both written and spoken, other languages are an asset.