Sentinel SOC Analyst III

5 days ago


Rackspace Technology

Realize the full value of the cloud.

IT as a Service • Multi-Cloud • Managed Hosting • Managed AWS/Azure/Google Cloud Platform/OpenStack/Alibaba • Managed Private Cloud for VMware/Microsoft/OpenStack

5001 - 10000

Description

• Rackspace Cyber Defence is looking for an India-based Security Operations Analyst (L3).
• Responsible for detecting, analyzing, and responding to threats across multiple environments.
• Focus on triaging alerts and events indicating malicious activity.
• Liaise closely with the customer's key stakeholders, including incident response and disaster recovery teams.

Requirements

• Existing experience as a Security Operations Analyst, or equivalent.
• Experience of working in large-scale public cloud environments and of using cloud-native security monitoring tools such as:
  • Microsoft Sentinel
  • Microsoft 365 Defender
  • Microsoft Defender for Cloud
  • Endpoint Detection & Response (EDR) tools such as CrowdStrike, Microsoft Defender for Endpoint
  • Email security tools such as Proofpoint, Mimecast and Microsoft Defender for Office
  • Data Loss Prevention (DLP) tools such as Microsoft Purview, McAfee and Symantec
• Nice-to-have skills/experience include:
  • Experience of analysing malware and email headers, and skills in network security, intrusion detection and prevention systems, operating systems, risk identification and analysis, threat identification and analysis, and log analysis.
  • Experience of security controls, such as network access controls; identity, authentication, and access management controls (IAAM); and intrusion detection and prevention controls.
  • Knowledge of security standards (good practice) such as NIST, ISO27001, CIS (Center for Internet Security), OWASP and Cloud Controls Matrix (CCM).
  • Experience with scripting and coding in languages such as Terraform, Python, JavaScript, Golang, Bash and/or PowerShell.
• Computer science, engineering, or information technology related degree (although not a strict requirement).
• Holds one or more of the following certificates (or equivalent):
  • Certified Information Security Systems Professional (CISSP)
  • Microsoft Certified: Azure Security Engineer Associate (AZ500)
  • Microsoft Certified: Security Operations Analyst Associate (SC-200)
  • CREST Practitioner Intrusion Analyst (CPIA)
  • CREST Registered Intrusion Analyst (CRIA)
  • CREST Certified Network Intrusion Analyst (CCNIA)
  • Systems Security Certified Practitioner (SSCP)
  • Certified Cloud Security Professional (CCSP)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Security Operations Certified (GSOC)
• A highly self-motivated and proactive individual who wants to learn and grow and has attention to detail.
• A great analyser, troubleshooter and problem solver who understands security operations, programming languages and security architecture.
• Highly organised and detail oriented, with the ability to prioritise, multitask and work under pressure.
• An individual who shows a willingness to go above and beyond in delighting the customer.
• A good communicator who can explain security concepts to both technical and non-technical audiences.
