Philips
Freelance SOC Analyst - Level 2
Your Challenge
The SOC Specialists main objectives are to contribute following a multidisciplinary approach to the key SOC operational tasks: content delivery, detection, monitoring and response.
SOC specialists integrate into a multidisciplinary pool of resources with the ability to perform in several cross functional aspects in Security Operations which are equally needed to deliver a proactive and avant-garde cyber defensive capability.
Following business and operational efficiency principles, proactive and performance-oriented activities are performed. This involves (analytical) activities to enable intelligence gathering and usage, improving detection capabilities and ability to perform in the triage processes (detect and response)Typical outputs from the SOC specialist function are:
Integration and enhancement of the cyber threat intelligence
Solution engineering, use case development and technical architecture
Event triage and response
Focused forensic investigations
Delivery of performance indicators for the different SOC areas
Support and escalation point for other functions
Your Responsibilities
The SOC Specialist is expected to be able to deliver value in the following areas of expertise:
- Threat Intelligence:
Discovers, analyzes and prioritizes new threat intel sources
Integration of intelligence feeds into the operational processes- Content Delivery:
Develops content, such as scripts, use cases for SIEM, queries for log management or automated data gathering for forensics.
Creation of overall situational awareness, combining outputs to be further used by the SOC-
Detection & Response:
Perform anomaly detection and malware hunting
Manage security incidents to conclusion
Perform forensic investigations
You are responsible for:
Deliver value in Threat Intelligence: create situational awareness, integrate and fuse intelligence from different sources, proactively determine if new sources are available, improve the intelligence capability;
Execute solution engineering and technical architecture: Integrate security technologies, create and implement content, create and optimize SOC workflows;
Perform advanced threat detection, malware and threat hunting, anomaly detection and security analytics;
Execute threat response: forensics, crisis management and creation of mitigation courses of action;
You are a part of
The Security Operations team within Philips works diligently to provide reliable and secure services across the global enterprise. The team has a focus on system reliability and security through the continuous operation of secure solutions. The Security Operations Center (SOC) consists of a 24/7 incident response capability, a threat intelligence team and dedicated security engineering and development staff.
The SOC specialists work in a close teaming approach with other SOC specialists, and involve when necessary other Subject Matter Experts.
We are looking for:
The ideal candidate must have a passion for security and all things technical, with a good understanding of adversary motivations in cybercrime and the tools and techniques of the trade. Previous experience working in Security is a must, SOC specific experience is preferred. Working as part of the team in a 24/7 service and onsite are pre-requisites.
To succeed in this role, you should have the following skills and experience:
Prior experience working in a Computer Emergency Response Team (CERT/CIRT) or IT security environment
Proficient with networking concepts and protocols (such as DNS, HTTP(S), SMTP, FTP, etc.)
Proficient programming skills and solution engineering skills: SIEM, Log Management, Ticketing Systems, Workflow Automation, Scripting, Networks Management
Certifications such as GSEC, GCIH, GCIA is preferred
Trustworthiness and integrity
Ability to take decisive action based on available information in a timely manner
Bachelor degree or equivalent combination of education and (work) experience
7+ years working in the IT field
Working in shifts, standby roster for outside of business hours?