Location

Dublin

Department

IT Services

Purpose of the role:

The Senior Security Operations Centre (SOC) Analyst assists in deploying, maintaining, tuning, monitoring, and managing the security tools used by the Security Operations Centre. The Senior SOC Analyst functions as a Level 3 analyst and acts as a mentor to other members of the team. The Level 3 SOC Analyst reviews alerts escalated by Level 2 analysts and alerts raised by Arkphire Security's network security devices, security information and event management (SIEM) platform and other tools as needed; works with other analysts to collect, correlate, and analyse security-relevant data; and responds to threats in a timely manner. This position reports to the SOC Manager.
Role and Responsibilities:

  • Performance and capacity modelling and evaluation of existing and future SIEM designs
  • Defining and evaluating SIEM software and appliance firmware optimisations
  • Workload and benchmark definition and development for the SIEM platform
  • Lead consulting engagements focused on the assessment, design, and implementation of enterprise-scale QRadar solutions
  • Build, operate, develop and maintain the SIEM infrastructure.
  • Provide architecture-level design to support and operate Security Information and Event Management (SIEM) or Security Event Management (SEM) best practices.
  • Design the SIEM to accommodate growth while maintaining the balance between performance, stability, and agility.
  • Manage customer expectations and onboard customer data sources into the SIEM; support projects involving multi-site or clustered SIEM installations.
  • Assist with the development of advanced reports to meet the requirements of key stakeholders.
  • Conduct research in areas driven by customer use cases; architect and support the systems used to configure and deploy enterprise SIEM and log management solutions; develop automation for security tools management.
  • Assist with the automation, deployment, integration, and testing of enterprise systems and services; create and optimise big-data correlation rules.
  • Service Delivery Responsibilities
  • Carry out a quarterly audit of the SIEM infrastructure for all customers.
  • Act as project lead and ensure all SIEM projects are delivered in line with customer expectations and best practices.
  • Provide input to technical estimates created with standard tools, portfolio Work Breakdown Structures, statements of work and industry-standard estimating techniques.
  • Provide mentoring to other members of the Security Operations Centre team
  • Design and deploy vulnerability management and remediation processes.
  • Will be required to work on customer sites from time to time.
Essential Skills:

Strong problem-solving skills, critical thinking, excellent analytical ability, strong judgment and the ability to deliver high performance and high levels of customer satisfaction in a matrix managed environment.

  • Experience with SIEM technology, preferably IBM QRadar
  • Device knowledge such as firewalls, IPS/IDS, routers/switches
  • Security certifications (CISSP, GIAC certifications) preferred
  • ITIL v3 certified

Education and Experience:

  • 4+ years of experience working in a Security Operations Centre using a Security Information and Event Management (SIEM) platform to correlate events across multiple devices.
  • Strong understanding of network security devices such as Intrusion Detection Systems (IDS)/Intrusion Prevention Systems (IPS), firewalls, network packet capture tools, and file integrity monitoring tools.
  • Proficient knowledge of incident prevention, detection and response tools.
  • Knowledge of network and server security products, technologies, and protocols.
  • Background in at least two of the following domains: hacking and incident response; network forensics; security engineering; security analysis and investigation.