Vacant job

About the Role As a SOC Analyst, you will work with analysis and incidents, identifying threats and attacks from various cyber groups, such as APT groups and nation-state actors. You will have access to various sources that provide you with information about threats to gain a deeper understanding of emerging threats and vulnerabilities used by actors.

You will act as the lead analyst and escalation point for security incidents and alerts analyzed by the CSOC team while providing in-depth insights and actions to protect customer environments. You will prepare and deliver security reports to corporate clients.

The role requires great flexibility and the ability to work broadly. You have a good knowledge of information security and are accustomed to working proactively to conduct vulnerability assessments. Making recommendations on tools and techniques for incident management is also part of the responsibility. A strong understanding of malware, emerging threats, techniques, and procedures (TTPs) will be crucial for success in the role.

Responsibilities - Responsible for reviewing security events and risk assessments in customer environments. - Conduct hypothesis-driven threat hunting to identify anomalies. - Identify, contain, and eliminate threats. Engage the Incident Response team when the scope of the incident exceeds CSOC capacity. - Perform malware and activity analysis. - Continuously review and adjust security tools. - Drive the incident management process and ensure that incident reports contain complete information and provide reports to stakeholders.

In this role, you will conduct in-depth investigations of confirmed security incidents, lead incidents as needed, and mentor other CSOC analysts to continuously improve the team. You will continuously work on developing and improving processes, documentation, and procedures. On-call readiness according to a rotating schedule is part of the role.

Desired Qualifications - Experience working with tools such as IPS, SIEM, DLP, antivirus, etc. - Documented experience in performing advanced analysis. - Experience analyzing network pcaps and documents for malicious activity or code. - Knowledge of networking and network security. - Understanding of network infrastructure (TCP/IP, switches, routers, proxy servers, VPN concentrators). - Understanding of security protocols (IPSec) and encryption techniques (3DES, AES, SHA2, TLS).

You have previous experience in a similar role and possess knowledge of security best practices. You understand fundamental security principles such as confidentiality, availability, and integrity. You speak and write Swedish and English fluently.

Preferred Qualifications - Experience with SIEM and SOAR solutions such as Splunk, Sentinel, Swimlane. - Experience with Defender for Endpoint, Crowdstrike, Rapid7. - Experience in a CSIRT role. - Security certifications: GSEC, GCIH, GCFA, or similar. - Experience working with threat hunting tools.

About the Company The company is a leading organization in cybersecurity with offices in several locations across Europe. The company offers a wide range of professional, support, and cybersecurity services for over 300 clients worldwide. With four top-tier Security Operation Centers, they provide their clients with comprehensive security services that cover security needs from all angles. Services include Managed Security, Cyber Security Testing, Incident Response, Security Integration, PCI Compliance, and Cyber Risk & Assurance.

The company stands out and differentiates itself from the crowd. The expertise and experience of the employees are among the best in the industry, and clients choose to stay over time, primarily due to high trust and the fact that deliveries always exceed expectations. The company was founded with a focus on technical expertise – a philosophy that remains. On several occasions, they have been listed in Gartner's Market Guides for Managed Security Services.

Additional Information Start: Immediately, considering any notice period Scope: Full-time

This is a recruitment where we at Acely are the recruitment partner for our client. We conduct interviews on an ongoing basis, so please send your application today!

For more information, please contact: christoffer.sjostrom@acely.se