2023-04-13 14:47:21

SOC Security Analyst

CVMarket.lv client
3000 - 3750 €/m Gross

Job Description

What you will do

This role administers Johnson Controls' Security Operations Center (SOC) internal operations team, which is responsible for incident response, vulnerability management and other core capabilities. He or she will administer these capabilities by installing and maintaining infrastructure tools and related system software, and by continuously improving the application through proactively analyzing and resolving related problems. He or she will be responsible for service delivery and support within defined operating and service level agreements.

How you will do it

* Lead SOC security operations in performing all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.
* Monitor and analyze network traffic and security event data. 
* Investigate intrusion attempts and perform in-depth analysis of exploits.
* Provide network intrusion detection expertise to support timely and effective decision making
* Conduct proactive threat and compromise research and analysis. 
* Review security events that are populated in a Security Information and Event Management (SIEM) system.
* Analyze a variety of network and host-based security appliance logs to determine the correct remediation actions and escalation paths for each incident.
* Independently follow procedures to contain, analyze, and eradicate malicious activity. 
* Document all activities during an incident and provide leadership with status updates during the life cycle of the incident.
* Create a final incident report detailing the events of the incident 
* Provide information regarding intrusion events, security incidents, and other threat indications and warning information to teams
* Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions.
* Provide guidance and mentorship to analyst team on investigative and response methodologies.
* Participate in special projects as required. The SOC Security Analyst is responsible for carrying out all activities regarding SOC policies and SOC procedures.
* Provide feedback into the security logging and automation platform and processes to decrease threat time to detection and increase Security Operations team efficiency. 

Requirements

What we look for

The successful candidate will be a passionate information security professional with the ability to communicate to different business and IT leaders. The candidate will be able to execute the Information Security Incident Response and Vulnerability Management strategy defined by leaders. The candidate will demonstrate drive, intelligence, maturity, and energy and will be a proven team leader and security strategist.  

Required:

* 3-5 years of security related experience in incident analysis, incident handling, vulnerability management or testing, log analysis, intrusion detection, network operations
* Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents to technical and non-technical audiences at different seniority levels and interact with customers
* Ability to create and maintain good business relationships with counterparts, customers and external entities to achieve the security operations management goals
* Ability to maintain a high level of discretion and personal integrity in the exercise of duties, including the ability to professionally address confidential matters
* Strong understanding of adversary motivations including cybercrime, cyber hacktivism, cyber war, cyber espionage and the difference between cyber propaganda and cyber terrorism
* Strong understanding of security operations concepts such as perimeter defense, kill chain analysis, Threat Intelligence and Threat Profiling
* Familiarity with network security methodologies, tactics, techniques and procedures
* Experience with Intrusion Detection Systems (IDS)/ Intrusion Protection Systems (IPS), SIEM and other network defense security tools
* Understanding of network packet capture and ability to review
* Experience performing security/vulnerability reviews of network environments
* Knowledge of network security architecture, understanding of the TCP/IP protocol and remote access security techniques/products
* Experience with enterprise anti-virus/malware solutions, virus outbreak management and the ability to differentiate virus activity from directed attack patterns
* Have experience monitoring, detecting and leading response efforts of advanced persistent threats
* Experience generating and modifying network and host-based Indicators of Compromise (IOC)

 

Preferred:

* A bachelor’s degree in computer engineering, computer security

Company offers

Our benefits:


Besides a very pleasant and international work environment Johnson Controls offers various opportunities for future growth, a competitive salary, monthly bonus, fully covered meal vouchers, monthly free workplace massage, winter vitamin package, onsite FIT days and a flexible benefit allowance so you can choose to tailor the rest of the benefits to suit your individual needs.
You will be based in our newly opened offices in the vibrant city center close to the river and Eurovea shopping centre. The onsite facilities include a fitness center, coffee machines, canteen and nursery. If you are relocating to Bratislava to join Johnson Controls you will be eligible to receive a housing allowance to help you get your new life set up!

Salary starting from 3000 EUR/month gross based on relevant experience.



 

Job location: Slovakia, Bratislava

 
