Security Operations Analyst
A key member of our MDR Operations team, the Security Operations Analyst is responsible for managing escalated operational cases in the Cyber Fusion Center. This role involves interacting with clients and partners to provide world-class managed services.
The ideal candidate will possess deep technical and cybersecurity knowledge, as well as excellent analytical thinking and problem-solving skills. Experience reviewing and analyzing log data, network packet captures, and security devices is a must.
This is an entry-level position that offers opportunities for growth and professional development. We are looking for a motivated and self-driven individual who is passionate about cybersecurity and providing exceptional client satisfaction.
Key Responsibilities:
* Manage escalated cases to the Tier-2 queue
* Analyze and respond to security events from SIEM, EDR, FWs, IDS, IPS, AV, and other security data sources
* Deliver high-quality incident handling and investigation
* Be the 2nd level of escalation for Tier-1 Security Analysts
* Perform on-call for Threat Monitoring and Security Device Management escalation outside of business hours
Service Improvement:
* Perform rules tuning of client SIEM in operation
* Support the rules factory program in improving the global set of detection rules
* Validate the Go-to-Active and Go-to-Prod gates of new clients to ensure a smooth transition to operation
* Continuously improve incident templates, both in content for clients and in automation, to best support operations
* Support the rollout of new sets of rules for MSS clients
* Qualify, analyze, and provide recommendations for new standard data source requests
* Support Product teams in building new services that fit Operations capabilities (needs, scalability, efficiency)
General Responsibilities:
* Take responsibility for customer satisfaction and overall success of managed services
* Be available, ready, and able to accept incoming client calls
* Recommend improvements to Standard Operating Procedures
* Propose enhancements to tools and workflows
* Respond in a timely manner to support tickets
* Document actions in tickets to effectively communicate information internally and to customers
* Adhere to policies, procedures, and security best practices
* Mentor fellow Security Engineers and Security Analysts
Requirements:
* Minimum 1 year's experience in information security managing and monitoring security devices, or educational equivalent
* Excellent analytical thinking and problem-solving skills
* Oral and written communication skills
* Good knowledge of SIEM technologies
* Good knowledge of cyber security threats and tactics
* Good knowledge of Cloud and OT/ICS technologies
* Windows and Unix/Linux operating system experience
* Experience reviewing and analyzing log data
* Experience reviewing and analyzing network packet captures
* Very good level of English and German (oral and written)
About Us:
We are a rapidly growing company with locations in Switzerland and the United States, leveraging our unique history of innovation and engineering to adopt a different approach to cybersecurity and help change the security paradigm.