Senior Managed Security Service Analyst

Poznań; Wrocław; Warszawa, Poland
Full-Time

The Senior Managed Security Services Analyst (Tier 2) assists in deploying, maintaining, tuning, monitoring, and managing security tools related to the Operations team. The Senior MSS analyst will function as a Level 2 analyst and act as a mentor to other members of the team. The Tier 2 MSS analyst will review alerts from Level 1 analysts, network security devices, security information and event management (SIEM), and other tools as needed, and will work with other analysts to collect, correlate, and analyse security-relevant data and respond to threats in a timely manner. This position reports to the Security team lead.

Role and responsibilities:

  • Work with alerts from the Tier 1 MSS Analysts to perform in-depth analysis and triage of threat activity based on computer and media forensics, malicious code analysis, and protocol analysis.
  • Assist with the development of incident response plans, workflows, and Standard Operating Procedures.
  • Monitor and manage the SIEM infrastructure.
  • Monitor the service ticket board and ensure the tickets are managed and responded to in line with the SLA.
  • Review and fine-tune false positive incidents.
  • Provide feedback and automate common recurring tasks.
  • Develop and implement detection use cases.
  • Run a weekly call with customers on the developed KPIs.
  • Continuously assess the current state of security monitoring and recommend enhancements to MSS security process, procedures, and policies.

The job role may require shift work.

Essential Skills:

  • Strong problem-solving skills, critical thinking, excellent analytical ability, strong judgement and the ability to deliver high performance and high levels of customer satisfaction in a matrix managed environment.
  • Mandatory experience with SIEM technology, preferably IBM QRadar.
  • Desired experience with scripting tools (bash, python).
  • Knowledge of devices such as firewalls, IPS/IDS, and routers/switches.
  • Security certifications: CISSP, CISM, GIAC certs, CEH, CompTIA Security+.

Education and experience:

  • 3+ years of experience working in a Security Operations Centre with a Security Incident & Event Management (SIEM) system to correlate events across several devices.
  • Good understanding of network devices such as Intrusion Detection Systems (IDS)/Intrusion Prevention Systems (IPS), firewalls, and network packet capture tools.
  • Proficient knowledge of incident prevention, detection, and response tools.
  • Knowledge of network and server security products, technologies, and protocols.

Required background in at least 2 of the following domains: security analysis and investigations, ethical hacking, incident response, forensics analysis, security engineering, security automation, threat hunting.

If you’d like to join us, please send us your CV or LinkedIn profile. Please read our Data Privacy Policy before applying. All applicants must have the right to work in the EU.

About Nordcloud

Nordcloud is a European leader in cloud implementation, application development, managed services, and training. It’s a recognized cloud-native pioneer with a proven track record helping organizations leverage the public cloud in a way that balances quick wins, immediate savings, and sustainable value. As well as partnering with VMware, Nordcloud is triple-certified across Microsoft Azure, Google Cloud Platform, and Amazon Web Services – and is featured in Gartner’s Magic Quadrant. Nordcloud has 10 European hubs, over 700 employees and has delivered over 1,000 successful cloud projects for companies ranging from mid-size to large corporates. IBM announced its acquisition of Nordcloud on December 21, 2020.

We are digital builders born in the cloud. Joining Nordcloud is the chance of a lifetime to leave your mark on the IT industry!
