Security Operation Analyst - Remote

Overview

The Security Operation Analyst will work remotely to build, adjust, and implement analytics and detection rules for various security tools, monitor alerts, and collaborate with incident response teams.

In Short

• Fully remote position in Central Europe Time Zone.
• Build and implement analytics and detection rules for SIEM, EDR, and AV.
• Monitor and investigate alerts using Microsoft Security Tools.
• Participate in cybersecurity architecture reviews.
• Contribute to the preparation of KPIs for cybersecurity operations.
• Perform in-depth analysis of network security threats.
• Collaborate with cyber threat intelligence analysts.
• Document actions and communicate information effectively.
• Provide ad hoc support as required.
• 5+ years of relevant experience in information technology.

Requirements

• Deep knowledge of Microsoft Security Tools and Cloud technologies.
• Experience with SIEM tools like Splunk or Microsoft Sentinel.
• Knowledge of TCP/IP protocols and EDR solutions.
• Proven experience in reviewing raw log files and data correlation.
• Excellent communication skills and customer-facing experience.
• Ability to write documentation and reports.
• Willingness to learn and find innovative solutions.
• Desirable certifications: MCSE, CCNA, Microsoft Azure, GCIH, CEH.

Benefits

• Work in a fully remote environment.
• Opportunity to work with cutting-edge security technologies.
• Collaborative team environment.
• Professional development opportunities.
• Flexible working hours.