
Senior SOC analyst

We are growing our SOC team and are looking for an experienced, enthusiastic Senior SOC Analyst to join our team.

 

Your role will involve

As a Senior SOC Analyst, you will act as an escalation point for our Tier 1 SOC Analyst Team, who are responsible for monitoring our customer environments for events and security incidents. You’ll be responsible for determining if events escalated by the team constitute security incidents, and if they do you will analyse the incident and escalate with the customer when further investigation or a resolution is needed. You’ll also work with our security engineers to develop and tune SIEM rules and response procedures, documenting everything as you go to ensure effective communication with the rest of the team and the customer. Where you find common or repeat problems you will have the opportunity to analyse the trends and suggest and implement process or technical improvements to resolve them.

This role will suit you if you’re eager to learn, have a keen interest in problem solving and are ready to progress your security career.


All applicants must have a valid work permit or be legally entitled to work in Ireland.

  • 3-5 years' experience working in a SOC environment.
  • Expert knowledge of SIEM or Log Collection tools (Splunk, QRadar, ArcSight, etc).
  • A Bachelor’s degree or equivalent in Computer Science, Computer Engineering, Electrical Engineering, Network Security, Information Security, Information Technology, or Mathematics (or equivalent work experience)
  • Keen problem solving/ troubleshooting skills
  • The ability to learn new technology and concepts quickly

 

To be successful in the role you will also need these skills and attributes

  • A can-do attitude
  • Excellent written and verbal communication skills. You should be able to communicate technical details clearly
  • Act as Subject Matter Expert for all SIEM related queries
  • Ability to mentor others, and an eagerness to help Tier 1 Analysts improve themselves
  • The ability to adjust and adapt to changing priorities in a dynamic environment
  • A proactive approach to addressing issues and requests and the ability to multitask
  • Great organisational skills and attention to detail

Bonus points if you have any of the following:

  • Prior work experience working with IBM QRadar & Sentinel
  • Prior work experience creating, modifying and tuning SIEM rules to reduce false positives
  • IBM QRadar or similar SIEM Certification / Experience
  • Vulnerability Management Experience
  • Vendor-specific certifications / experience – Fortinet, Cisco, Check Point, Juniper etc.
  • Theoretical or practical knowledge in the following areas:
    • Incident response, SIEM
    • Unix, Linux, Windows, etc. operating systems
    • Well-known networking protocols and services (FTP, HTTP, SSH, SMB, LDAP, etc.)
    • Exploits, vulnerabilities, network attacks
    • Packet analysis tools (tcpdump, Wireshark, ngrep, etc.)
    • Regular expressions
    • Database structures and queries

In addition to salary, generous annual leave (25 days!) and benefits (pension, income protection, laptop, EAP), Ward offers its employees a creative and collaborative work environment. We reward courage and innovation and believe in treating our team well. We believe in being exceptional and support our team through career planning and numerous learning initiatives to help them develop and thrive within the organisation.