Security Operation Centre (SOC) Specialist

GSS provides shared services to the Group companies, with Head Office in Italy and branches in 5 European countries, a total staff of about 1,000 people.
 
Within the Chief Security Office Division, we are looking for a Security Operation Centre Specialist, who will perform the following activities:
  • Develop and support central SIEM infrastructure deployed across company sites
  • Integrate and manage log sources, providing analysis and trending of security log data from a large number of heterogeneous security devices
  • Provide Incident Response (IR) support when analysis confirms an actionable incident
  • Investigate, document, and report on information security issues and emerging trends
  • Act upon threat intelligence provided by Cyber Threat Intelligence function
  • Respond to Information Security related queries
  • Mentor and train junior analysts to enhance the overall technical skill-set of the SOC, establish analytic discipline and critical thinking, and promote greater curiosity – thinking "outside the box"
  • Investigate IOCs provided by Cyber Threat Intelligence or the Cyber Hunter function
  • Support incident handling across multiple functions: detection and identification, incident triage
  • Actively support project missions by providing solutions, skills and experience
  • Provide support during internal and external audit activities
  • Integrate and share information with other analysts and other teams
  • Interact daily with the SOC Level 1 team and the CERT team, providing support to improve the quality of the services

SIEM administration and optimisation activities:
  • Expand, tune and enhance SIEM rule-sets to identify security incidents and reduce false positives
  • Perform SIEM maturity assessments
  • Support the on-boarding of new customers or company branch offices
  • Support architecture changes and design reviews
  • Develop custom parsers
  • Develop and maintain custom reports
  • Develop and maintain a use-case factory

The ideal candidate will meet the following requirements:

  • Strong expertise and experience in enterprise Cyber Security environments and Security Operation Centres
  • Advanced knowledge of an enterprise SIEM platform (IBM QRadar preferred)
  • Experience working in an 8x5 Security Operation Centre (SOC L2) environment