The SOC Incident Handler is responsible for resolving incidents identified by SOC analysts.
The core function is containing and mitigating suspected harmful cyber events by focusing the appropriate resources to address incidents, minimize potential damage, and recover quickly.
This position is responsible for chasing and following up on progress, actively communicating with the interested operations and business units concerning the incident and actions taken throughout the lifecycle, as well as continually leveraging SOC analysts to support investigations.
This position is part of the Verisure SOC and provides Incident Response support for a global company stretching from Finland to Argentina.
Daily incident handling, as well as anticipating future events, is part of these responsibilities.
The role also involves documentation: creating runbooks and strengthening procedures and communication actions as a focus of Incident Response.
Coordinating multi-team frameworks to improve IR process and procedures also plays a central role.

Primary responsibilities include:
- Plan, manage, coordinate, and communicate to contain and mitigate an incident.
- Work closely with regional IT Operations and teammates to resolve cyber security and privacy incidents in a timely manner; escalate unresolved incidents as appropriate.
- Knowledge and experience with the IR lifecycle.
- Prioritize incidents in terms of their criticality; distinguish between a misconfiguration and events that may escalate to larger issues if not resolved.
- Provide continuous coordination, direction, and leadership of all incidents raised by SOC.
- Maintain strong rapport with SOC analysts to collect investigative analysis and have a clear understanding of the incident to be handled.
- Develop trusted communication on issues and requirements with key stakeholders across multiple countries.
- Maintain high confidence of the SOC Manager.
- Communicate the status of an incident with clarity and focus.
- Handle AV alerts for both endpoints and servers.
- Leverage outlined policy to guide security practices to business groups and teammates; identify gaps to be addressed.
- Read VM reports to spot any affected assets from Threat Intelligence reporting.
- Document all team activities, especially containment and recovery tasks, and develop a reliable timeline for each stage of the incident.
- Maintain a high degree of 'best practice' and professional attention to detail within the SOC Operations team.
- Exhibit excellent writing and presentation skills.

Secondary responsibilities include:
- Recommend security improvements to help internal operations be better protected.
- Assist with InfoSec projects as needed.
- Apply Best Practice Standards to security tools to aid in minimizing harm to infrastructure.
- Provide coverage for teammates.
- Act as the main point for incident escalation during major incidents.

Essential skills & experience include:
- Extensive experience in responding to Cyber Operations, including monitoring, incident response & handling, threat detection, and threat intelligence.
- Proficiency with ticketing systems and procedure lifecycle ownership.
- Applicable degree or equivalent industry experience.
- Knowledge of relevant legal obligations & applicable legislation such as GDPR.
- Ability to conduct independent research.
- Security Awareness.
- International work experience (global team).
- Perform other essential duties as required.
- Incident Handler certification: GCIH, ECIH, CySA+, CREST, CISSP or similar.
- ITIL certification.
- Experience with Splunk searches.
- Familiarity with Linux and Windows tools and scripting.
- Memory Forensics expertise.
- Ability to read Firewall traffic; Wireshark.
- Experience with Penetration testing & Vulnerability finding tools.
- Knowledge of ForeScout and Network Access Control.
- Fluency in English and Portuguese (Please apply with English CV).

Verisure is a global leading provider of professionally monitored security solutions.
We are an international company with a start-up mindset, fast, agile, and lean, high-performance, and value-driven.
We protect millions of customers in 17 countries.
Our business model integrates product development, design, and sales with installation, outstanding service, and a 24/7 professional monitoring solution.
We protect people from intrusion, fire, and flood - and we save lives.

Verisure Innovation is an equal opportunity employer and welcomes applicants from diverse backgrounds.
We are an international company with offices and colleagues in multiple countries.