SOC Cyber Threat Expert

• Coding Experience in Scripting & programming languages (such as Java, Bash, Python, PowerShell, etc.) to use these skills to aid in responding to incidents involving Windows, Linux, and Mac hosts, as well as automate common analytical processes to reduce analyst time and avoid repetitive incident response tasks
• Making assessments on Information Security processes and taking responsibility of implementing improvements on related systems
• Deploy, configure, and maintain security technologies, including, EDR, XDR, SOAR, SIEM, solutions to assess each of the cybersecurity technology’s responses
• Develop open-source and vendor based threat detection scenarios
• Develop tooling for Detection Development Life-Cycle
• Research on new threat hunting methodologies, tools, and technologies
• Onboard and maintain detection and hunting products (SIEM, EDR, etc.)
• Manage and maintain internal SOC technologies and processes
• Effectively use threat intelligence services and malware sandboxes for hunting new malware threats
• Excellent written skills with demonstrated ability to write reports

• Bachelor’s Degree in engineering departments (preferably Electronics or Computer Engineering)
• 5+ years of experience in performing hands-on security engineering, consulting, team management, penetration testing, and/or adversary simulation, red teaming exercises, vulnerability assessments in complex operational ICT environments
• Familiarity with industry standards like OWASP TOP10, CVSS, CIS, NIST etc.
• CISSP, CISM, OSCP, CEH level is expected
• Experienced in SIEM products (QRadar, FortiSIEM Splunk, Logsign etc.) and SOAR products
• Experience working with Threat modeling (e.g., STRIDE, PASTA, FAIR, Security Cards), operational threat intelligence, and attack framework standards (e.g., MITRE ATT&CK) with a good understanding of the Cyber Kill Chain and pervasive threat attack methods and remediation
• Experience working in an industry standard Security Operations Center or similar environment providing incident handling and response, intrusion detection, analysis, cyber threat intelligence, threat determination, and mitigations processing and tracking, working with several network and system security technologies to include Elasticsearch, data analytics platforms, endpoint tools, network technologies, and SIEMs
• Experience developing detection logic for enterprise SIEM systems and with exploitation techniques and use case development
• Experience in the detection and response to malicious activity using log data and alerts from cybersecurity solutions, systems, and network devices
• Experience extracting and analyzing forensic artifacts across Windows, Mac, and Linux operating systems
• Experience of incident response processes, and threat intelligence cycles, including understanding of IP network traffic, security vulnerabilities, different exploitation techniques, and malware behaviors (including communications protocols)
• Understanding of Amazon Web Services cloud environments and their security controls, microservices architectures & distributed Platforms especially in the SaaS businesses, global frameworks and standards like NIST, ISO 27001/27002/27017/ 27018, GDPR, etc.

Experience in Scrum is a plus

• Vflexy: Flexible Benefits Program
• Hybrid working kit
• Ergonomic kit allowance
• Digital meal voucher
• Flexible transportation allowance
• Employee assistance hotline & counselling
• Comprehensive and flexible private health insurance
• Discounted price deals for wide range of products & services