Senior SOC Analyst L2

Porto, Porto, Portugal

Natixis in Portugal Global Financial Services is the global arm of Groupe BPCE. It comprises two businesses – Asset & Wealth Management and Corporate & Investment Banking – that support their clients in facing today’s major environmental, technological and... View company page

Founded in 2015, BPCE Infogérance & Technologies is a subsidiary of Groupe BPCE, dedicated to Infrastructures , End-User Environment , Security and Production . Driven by growth , expertise , transformation and agility , this project embraces an international mindset and a diverse skill set. You’ll find yourself in a dynamic and enriching workplace or, as we like to name it, a real tech playground , where you’ll be able to explore a huge tech stack..

Job Description We are looking for a SOC Analyst L2 (local contract) to join our BPCE IT business Unit.

Integrated within the Security Operation Center (SOC) BPCE-IT, the Blue Team is the first line of defence, responsible for defending the enterprise's use of information systems by maintaining its security posture against attackers.

The main activities are the ones below:

Detection, categorization and investigation of infrastructure, applications and security incidents

Vulnerability management on critical vulnerabilities (handling, categorization and follow-up)

Follow-up of remediation plans

Implementation of detection scenarios and treatment of associated alerts

The L2 SOC Analyst is responsible for monitoring and analyzing the organization’s networks and systems on a daily basis to detect, identify, investigate, and mitigate potential threats. They must be able to identify anomalous behavior, recognize patterns of malicious activity, and take appropriate corrective action.

In addition to their daily duties, the L2 SOC Analyst will provide recommendations for improving security posture and assist with incident response plans, policies, and procedures. Some additional responsibilities may include recommending tools or solutions, participating in audit activities, providing reporting on security events/incidents and collaborating with other teams across the organization.

Main Tasks and Responsabilities:

The candidate will have 3 main missions:

1) Analysis:

Participation in improving correlation and log analysis rules

Conduct investigations and research including statistics

Interpret or perform first level (Sandbox or manual) minimum scans on malicious codes

Improve our Threat Intelligence activity

2) Handling incidents:

Creating, and managing service requests via our ticketing tools (ServiceSnow / SecOps / TheHive)

Qualify and analyze these elements to determine the cause of the incident, the mode of operation of the attack (vulnerabilities use, tactics, technics), the scope and the perimeter of compromise

3) Training:

Knowledge transferring in-house and writing documentation

Apart from these activities the candidate will have to maintain and develop his expertise:

in techniques and tools of digital investigation

methods and tools for analysis (monitoring, training, international conferences, etc.)

Qualifications Main requirements:

The candidate must be operational on the security tools used in the BPCE IS and master the architectures in place.

Solid knowledge in most of the following technical areas is required, keeping in mind that no one is an expert in every topic.

The ideal candidate should have advanced problem-solving skills and a background in cybersecurity engineering.

Knowledge of the operating principles of Information Monitoring and Security Event Solutions (SIEM).

Good experience of Splunk and Regex search syntax.

Good experience of theHive

3) SYSTEM/NETWORK

Good knowledge of network and system architectures

Knowledge of the operation of intrusion detection probes and event log correlation tools

4) SECURITY:

Good knowledge of Mitre Attack framework and counter measures link to the technics and tactics

Good knowledge of Information monitoring and analysis tools and methods.

Good knowledge of the security standards for different technologies (web servers, messaging, database, DNS, proxy, firewall, etc.)

Have a good knowledge on one or more of the following topics:

Malware types (rootkit, ransomware, botnet, etc.)

Obfuscation and persistence technics (cryptography, packing, etc.).

Digital investigation/analysis tools

SandBox behavioral

Other requirements:

Good level of English – minimum B2level;

Good level of French - minimum B1 level;

Ability to keep up with a demanding and fast-paced environment;

Good priority definition skills;

Know how on implementing pedagogy methods;

Ability to work in a team.

Additional Information At Natixis, we are committed to fostering a working environment where each and every one of our people is treated with dignity and respect and where every voice is heard. Our differences make us collectively stronger and are a source of fulfilment, innovation and performance.

In the framework of its Diversity, Equity & Inclusion policy, Natixis in Portugal has implemented a Blind CV Screening process, with the purpose of reducing hiring bias. A blind CV excludes any personal details which refer to theapplicant’s gender , age or ethnicity. When applying for our positions, please submit a blind CV, that is, with no picture, name, gender, age, nationality, ethnicity and address. Your personal statement, work experience, courses and certifications, education, skills and contact information is what matters to us.

Candidate’s Journey:

Following your online application, you’ll be contacted by one of our Talent Acquisition Specialists. The next steps would be to meet our business experts (Team Leaders and Team Managers), welcome and onboard you into the Team.

Few other things you should know:

This career opportunity is based in Porto, right in the heart of the city, and offers a hybrid working model.

Last but not least, we invite you to discover what a day in your like could look like:

Early morning. Campo 24 de Agosto. In 4 minutes, you are clocking in at the office. Start your day having breakfast with the Team and grab fresh fruit on the way to your seat, in one of Porto’s most typical neighborhoods. This Purple Day is going to be a busy one: daily meeting ensuring all team members are on the same page regarding work status, priorities and blockers, language class and, just after, a Talent Management meeting with your manager, discussing your career path.

Lunch break. Today, your Team is onboarding newcomers, but also welcoming French colleagues: the perfect excuse to walk downtown and bond over a francesinha . When returning, inhale nature and peace of mind in Natixis Urban Garden (look at the crops; ready to harvest!).

Back inside. Brainstorming session on a new, exciting project in our disruptive and immersive Manaus Village. The afternoon went flying (tasks, meetings, some jokes with your teammates). End it on a high note: celebrating cultural diversity with a Diwali, the Indian festival of lights.

Tomorrow, you attend a conference led by influential speakers in your industry and, the day after, you will work from home, benefitting from some focus time to complete that report and soft skills course on LinkedIn Learning. Once you are done with your work for the day, strike the right note playing with Natixis band or be part of a board games session. If that is too steady for you, meet your colleagues to catch some waves or sail the Douro river during golden hour.

Explore more InfoSec / Cybersecurity career opportunities Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.

#J-18808-Ljbffr