
SOC Analyst mfd

Employer Active

1 Vacancy
The job posting is outdated and position may be filled

Job Location

Berlin - Germany

Monthly Salary

Not Disclosed

Job Description

Team

  • The Information Security Team at Raisin enables the Raisin business to mitigate information security events and incidents in a timely fashion
  • Work with various teams to protect the infrastructure, data, and assets within the company
  • Operate as a member of the Security team, building and maintaining internal security controls to protect operations
  • Manage and own resources throughout the investigation, remediation, and reporting of security incidents
  • Provide support to respond to cyber security incidents using the Cyber Kill Chain and NIST framework
  • Prepare and test the incident management process and ensure correctness of implemented controls
  • Manage SIEM capabilities; correlate and build dashboards, alerts, and workflows for monitoring and remediating incidents
  • Identify and report key metrics and KPIs to measure the success of the SOC
  • Incident response experience in cloud environments, preferably AWS
  • You will independently manage and build this process

Your Responsibilities

  • Experience in SOC monitoring; working knowledge of Splunk (preferable) or other SIEM tools like QRadar, LogRhythm, ArcSight, McAfee Nitro, and AlienVault USM Anywhere.
  • Active monitoring of security events using SIEM (based on standard operating procedure).
  • Monitoring application and infrastructure security events and taking appropriate action based on security policy.
  • Perform detailed investigation of the alerts.
  • Creating new rules, correlations, dashboards, and reports on different SIEM tools to detect new threats.
  • Understand cyber attack methods and perform analysis of security logs in an attempt to detect unauthorized behavior.
  • Experience in performing Root Cause Analysis for data from SIEM.
  • Responsible for Incident Validation, Incident Analysis, and Solution Recommendation.
  • Review the correlation rules and define the improvement plan. Fine-tune the system.
  • Stay current on IT security trends, intelligence, and news.
  • Handling escalations from the Application Support team.
  • Review Process Compliance Reports and KPIs.
  • Familiarity with ITIL processes.
  • Experience in phishing email analysis.
  • Good understanding of security devices like Firewall, IPS/IDS, Proxy, Email Gateway, WAF, and Antivirus.
  • Experience in Cloud Security, Threat Hunting, Threat Intelligence, Malware Analysis, Incident Response, Trend & Pattern Analysis, and Machine Learning would be an added advantage.
  • Assist with the development, revision, and maintenance of Run Books, Standard Operating Procedures / Knowledge Base, and Working Instructions related to IT Security.
  • Monitor the health of data sources, check for all the tools, and report any shortcomings immediately to the concerned team.
  • Knowledge of servers and networking; good knowledge of cyberattacks and cyber threats.
  • False positive mitigation and real-time analysis on all the integrated devices.
  • Understanding of vulnerabilities in OS, applications, and network devices, and ability to perform vulnerability assessments.
  • Analyze SIEM reports and prepare the daily/weekly/monthly and ad hoc reports.
  • Monitor external event sources for threat intelligence and actionable incidents.
  • Document all activities during an incident and provide leadership with status updates during the life cycle of the incident.
  • Must comply with any regulatory requirements.

Your Profile

  • Bachelor's degree in Computer Science, Information Security, Information Systems, Engineering, or related work experience
  • Expert knowledge of one or more technical areas like:
    • AWS Cloud security
    • CrowdStrike
    • Cloud WAF, VPN, and Firewalls
    • Identity
    • Network protocols (TCP/IP, TLS, HTTP, DNS, etc.)
    • Database and web application security
  • Strong understanding of security monitoring, detection, and analysis methodologies and technologies using Splunk (preferred) or other SIEM solutions
  • Proven experience in either threat hunting or cyber threat intelligence
  • Strong ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation
  • Willingness to learn and operate in a dynamic environment
  • 4 years of experience in cyber attack monitoring and incident handling
  • 4 years of experience working in a 24/7 operational environment

Join our mission, join our team, and grow with us!

At Raisin we care about each other, and it is one of our top priorities to foster an open and caring environment in which everyone feels welcome and comfortable. Our culture is strongly driven by our ambitious team, which connects more than 40 different nationalities.

You'll find us in our modern and open office in the trendy Kreuzberg district with a view of the Spree River, ideally connected to public transportation and surrounded by a variety of restaurants and shopping opportunities.

As part of our team you will benefit from:

  • Personal training budget of 1700 and four full training days per year.
  • Access to Babbel for continuous language learning.
  • Hungry all the time? Snacks, daily fresh fruit, and drinks are provided at the office.
  • Flexible working hours, home office, and 28 vacation days.
  • Enjoy more than 50 different sports with Urban Sports Club: we subsidize your membership with more than 20 per month.
  • A company pension scheme (Betriebliche Altersvorsorge), which we support with 20%.
  • Do you miss being in the office? The Deutschland Ticket gets you there, which we subsidize with 25 per month.
  • You are moving from another country or city to join us? We will support your relocation within Europe.

Employment Type

Full Time
