Senior Security Operations Centre (SOC) Analyst
Neo4j
- Malmö
- Permanent
- Full-time
- Working with the Security Operations Lead on technical planning and delivery of our SOC capability.
- Ensuring the SOC capability is seamlessly integrated within the business.
- Acting as a technical point of escalation for the SOC.
- Support a collaborative and cohesive team environment, encouraging knowledge sharing and skill development among team members.
- Develop and maintain SOC procedures, use cases, and playbooks to improve detection, streamline response efforts, and minimise impact.
- Monitor and investigate security events and alerts generated by security tooling, analysing and investigating potential threats or anomalies.
- Monitor and analyse cloud security logs and events to identify and mitigate security risks and vulnerabilities.
- Coordinate proactive threat-hunting activities to identify and mitigate emerging security risks before they escalate.
- Supporting incident response and management decision-making during incidents.
- Manage and optimise SOC tools to maximise efficacy and efficiency in threat detection and response.
- Configure and fine-tune security monitoring rules and policies to align with organisational security requirements and objectives.
- Evaluate and recommend new security technologies and solutions to enhance SOC capabilities and effectiveness.
- Drive SOC reporting activities including KPIs, threat detection, and response times.
- Support the SOC with compliance and certification activity.
- Grow your own and support the team's growth in professional competence.
- Love information security. At least most parts of it!
- Degree educated or have the equivalent experience.
- A minimum of 7 years' experience or knowledge in security operations or related roles.
- Experience working in modern cloud environments such as AWS, GCP or Azure.
- Experience using Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), Security Orchestration, Automation and Response (SOAR) and related technologies.
- Experience in developing SOC use cases and playbooks.
- Experience in responding to security incidents and improving incident procedures.
- Proficient in several programming languages including Python and PHP.
- Strong analytical and investigation skills.
- Excellent written and verbal communication skills as well as receptive listening skills, with ability to present complex ideas in a clear, concise fashion to technical and non-technical audiences.
- Experience or knowledge in mentoring or training approaches for security operations.
- An awareness of hacking techniques and trends.
- Appropriate certifications or relevant experience in SOC operations.
- Experience using Linux environments.