SOC Analyst

agido
Belfast, United Kingdom
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Compensation
£ 40K

Job location

Remote
Belfast, United Kingdom

Tech stack

Amazon Web Services (AWS)
Proxy Servers
Application Firewall
Software System Penetration Testing
Command-Line Interface
Complex Networks
Computer Security
Data Visualization
Internet Protocol
Intrusion Detection and Prevention
Network Security
Network Forensics
Network Protocols
Regular Expressions
ArcSight SIEM Tool
Reverse Engineering
Security Information and Event Management
Vault (Revision Control System)
Systems Integration
Data Logging
QRadar
Information Technology
Cyber Warfare
Vulnerability Analysis

Job description

volunteer time off
Training and growth opportunities
A multicultural and diverse team
A supportive work environment
Social events
And more

Job Description

Reporting to the Director of Cyber Operations, you will help to protect the integrity and confidentiality of our client's data and infrastructure by implementing measures to prevent breaches. Within the Agio community, you will partner cross-functionally as well as within a strong team of cybersecurity professionals across our global organization.

Arrangement: Hybrid (2 days onsite, preferably between Tuesdays-Thursdays)
Location: Arthur Place 24-26 Arthur Street Belfast, Northern Ireland BT1 4GF

Responsibilities

Support a 24/7/365 Security Operations Center and monitor security tools
Provide Tier 1 and 2 response to security incidents
Respond to cybersecurity events and incidents caused by internal and external threats to our clients, coordinate response activities with various stakeholders, and recommend mitigation strategies
Handle incidents as defined in playbooks and standard operating procedures, and advise on remediation actions
Perform deep-dive incident analysis by correlating data from various sources and determine if a critical system or data set is affected
Identify and design use case algorithms
Assist customers in implementing sound and secure logging practices, deployment of agents and sensors
Leverage advanced knowledge of security operations, cyber security tools, intrusion detection, and secured networks to integrate with the SIEM platform
Triage emerging threats to protect assets and information in client environments.
Partner with cross-functional technical teams to share expertise, research threats, and implement solutions
Present reports and produce communications, e-blasts and other forms of communication that may be both internal and client facing, to include leadership and executive management
Draft root cause analysis reports and recommendations after cybersecurity incidents
Identify risk areas that will require vulnerability prevention
Stay current with Security technologies and make recommendations for use based on business value

Requirements

Skills & Qualifications Requirements

SIEM administration, configuration, and optimization experience with platforms such as AlienVault, IBM QRadar, ArcSight or LogRhythm
Threat hunting experience
Malware reverse engineering and outbreak management experience
Experience participating in and acting as an escalation point for complex network threat investigations
Linux command line experience
Experience and knowledge of public cloud environments, specifically AWS and Azure
Knowledge of regular expressions and data normalization
Experience configuring, integrating, and monitoring endpoint protection solutions such as Cylance, Carbon Black, or CrowdStrike
Understanding of network protocols coupled with experience with web proxies, web application firewalls, and vulnerability assessment tools.
Experience working in a team-oriented, collaborative environment with a high level of analytical and problem-solving abilities
Positive attitude with strong oral and written communication skills
Knowledge of IP networking and network security including Intrusion Detection
Familiarity with common network vulnerability/penetration testing tools
Familiarity with service management software such as ServiceNow
Familiarity with data visualization platforms such as Domo
Some experience with system hardening guidance and tools
Experience on an incident response team performing Tier I/II initial incident triage, desired
Experience supporting clients and serving as a technical advisor
Ability to anticipate and respond to changing priorities and operate effectively in a dynamic demand-based environment requiring flexibility and responsiveness to client matters and needs

Qualifications/Education

BS/BA in Information Security, Computer Science or related engineering discipline, preferred
2+ years' experience in technology (security, networking, systems, etc.)
Prior experience working in a SOC required
Financial services industry experience is a plus
Managed security service provider (MSSP) experience is a plus

Certifications or work toward any of the following is strongly desired:
GIAC Certified Incident Handler (GCIH)
GIAC Certified Intrusion Analyst (GCIA)
GIAC Certified Forensic Analyst (GCFA)
GIAC Certified Forensic Examiner (GCFE)
GIAC Network Forensic Analyst (GNFA)
Microsoft Certified Solutions Associate (MCSA)
CompTIA Security+

Agio is a blend of who we are and what we aspire to be. As an equal opportunity employer, we embrace diversity and are committed to creating an inclusive culture that allows each of us to do our best work and be our best selves.

We welcome all interested individuals to apply and encourage applications from people with disabilities, diverse ethnic and cultural origins, veteran status, and people from all races, religions, gender identities, sexual orientations, and expressions. We encourage you to apply if you

About the company

agido GmbH was founded in 2002 as Netzprofis GmbH & Co KG and is a medium-sized company specializing in the development of custom software for businesses. We have expert knowledge of highly scalable, performance-critical software systems with high transaction volumes, such as those required in the financial or telecommunications sectors.

Every one of our employees is a qualified software developer "by passion", and we love what we do. Together we help our customers automate and integrate their workflows, put the developed software solutions into operation, and ensure their lasting and stable use.

We offer innovative solutions for digital business processes from a single source: from process consulting, through requirements elicitation and analysis, to the design of the technical architecture, through to the implementation and rollout of concrete applications and systems.

Our work is grounded in strong economic competence, business sensitivity, in-depth industry knowledge and, above all, extensive experience with modern information technologies. Adherence to deadlines, quality and budget is as much a part of our corporate philosophy as openness, flexibility, a calculable "return on investment" and long-term investment security.
