The SOC at SICPA is built on the most advanced and recent cyber technologies. There is no tier distinction (Tier-1/2/3): the Cyber SOC Specialist holds a single, all-round role and performs both Operations duties and Engineering activities.

Operational activities:
Monitor the firm’s environment for abnormal behaviour and potential security breaches by triaging security alerts
Perform thorough investigations of security alerts generated by our Cyber detection tools
Launch response measures to security incidents within the SICPA network, infrastructure, identity management and applications
Work closely with the Threat Intel team during investigation and Threat assessment
Use industry-standard network and host forensic tools to establish the full scope of an incident
Own the full ticket lifecycle; handle every step of an alert, from detection to remediation
Perform threat hunting by searching the existing infrastructure for signs of malware and malicious activity not detected by the existing security controls
Document and present activities and progress
Perform on-call (piquet) duties
Operations are performed during business hours (no night shifts)

Engineering activities:
Be deeply involved in the evaluation and implementation of new cybersecurity technologies
Deploy and improve industry-leading security tools and solutions to enhance SICPA's security posture, keeping them up to date and using them to their full potential
Provide technical expertise on the protection of company information, systems, networks and applications, and assist with the implementation of counter-measures and mitigating controls
Build new detection rules and tune existing ones to keep monitoring as accurate as possible and avoid alert fatigue caused by false positives
Develop strong working relationships with key business and technical partners to ensure cross-organization co-operation and business support
Help develop, implement and maintain SOC policies, processes and procedures
PROFILE
Experience in a similar environment (SOC, CERT, CSIRT) covering monitoring, deception mechanisms, threat hunting and incident response, including investigation and forensics (minimum 2 years)
Bachelor's degree in cyber security or equivalent
Practical experience with security technologies such as firewalls, IDS/IPS, SIEM, anti-malware, web filtering, vulnerability scanning and endpoint detection and response (EDR) tools
Hands-on experience in investigating and responding to common types of cyber attacks
Strong understanding of enterprise IT, including networking infrastructure, operating systems, cloud and SaaS services, systems administration, data centers and software applications
Good communication skills to effectively summarize and present findings
Ability to maintain a positive and reliable work attitude in high-pressure business situations
Very good knowledge of English, both written and spoken; other languages are an asset