SOC Analyst (Level L1 - L3)
CDI Bucharest (Municipiul Bucureşti)
Job description
This is an exciting opportunity to join the team of our client, a trusted cybersecurity defender with over 10 years of experience, dedicated to protecting businesses, data, and reputations through 24/7 monitoring, strategic leadership, compliance guidance, and vulnerability assessments. We are looking for a SOC Analyst (Level L1 - L3) to join this organization.
Responsibilities
- Monitor and triage alerts from various sources to detect suspicious or malicious activity.
- Perform investigations of alerts based on incident management procedures.
- Leverage security tools such as SIEM, SOAR, EDR, and XDR.
- Escalate incidents to higher levels when needed and perform containment actions.
- Provide guidance and mentorship to lower-level analysts.
- Develop detection models and custom rules based on client environments and threat intelligence.
- Proactively hunt for advanced and persistent threats.
- Collaborate with offensive security teams to improve detection capabilities.
- Document and report incidents, including root cause analysis and recommendations.
- Support 24/7 operations, including shift work and on-call availability for major incidents.
Requirements
- Bachelor's degree or an equivalent combination of formal education and experience.
- Minimum 1-5 years of experience in a SOC or similar security operations role, depending on level.
- Relevant industry certifications such as Security+, CySA+, CCNA CyberOps, GCIH, GCFA, GNFA, or OSCP.
- Understanding of core IT concepts, such as cloud computing, networking, and system administration.
- Knowledge of SIEM, EDR/XDR, SOAR, and other security tools.
- Strong analytical and problem-solving abilities.
- Concise, clear English writing and reporting skills.
- Ability to work in shifts, including 24/7 operations.
- Experience with threat hunting methodologies and adversary emulation (MITRE ATT&CK).
- Ability to work independently and as part of a team under time pressure.
Certifications
- Security+
- CySA+
- CCNA CyberOps
- GCIH
- GCFA
- GNFA
- OSCP
In addition to the salary, the company offers the following benefits
- Health insurance.
- Access to highly skilled experts to bring you the latest in learning and development with training in leadership, technical and personal development.
- A flexible working environment.
What is RSight®
RSight® is a next-generation recruitment solution, committed to the values of fairness, transparency, and human-centric hiring. RSight® aims to redefine recruitment, putting people and potential at the heart of every opportunity.
Application Instructions
Please submit your resume (mandatory) outlining your qualifications and interest in the position. Only candidates selected for interviews will be contacted.
Desired profile
Bachelor's degree or equivalent combination of formal education and experience. Minimum of 1-5 years of experience in a SOC or similar role in security operations, depending on level. Relevant certifications such as Security+, CySA+, CCNA CyberOps, GCIH, GCFA, GNFA, or OSCP. Understanding of basic IT concepts, such as cloud computing, networking, and system administration. Knowledge of security tools such as SIEM, EDR/XDR, SOAR, etc. Strong analytical and problem-solving skills. Concise and clear English writing and reporting skills. Ability to work shifts, including in 24/7 operations. Experience with threat hunting and adversary emulation methodologies (MITRE ATT&CK). Ability to work independently and as part of a team under pressure.
About RSight
An optimized combination of Human & Digital, RSight® brings recruitment to another level of experience and interaction, offering a unique recruitment experience for each client, candidate and partner. By leveraging the latest technologies and Artificial Intelligence, RSight® provides recruiting organizations and individuals with an augmented quality of service and goes beyond the current industry possibilities.