Microsoft | SOC | Blue team | Azure Sentinel | Location Houten
As a SOC Level 1 Analyst you are our tier 1 analyst when a security event occurs. You pick up operational activities around security incidents, event monitoring and threats, with the aim of safeguarding information security and privacy. You take care of processing threat information about security risks and vulnerabilities affecting our customers.
Are you a Blue Teamer? Do you keep an overview even in busy, stressful situations and do you feel at home in a SOC? Then read on!
What do you do?
From our SOC, you are responsible for monitoring the Azure Sentinel Incident Blade for possible security incidents within our customers’ environments, and for closing or escalating them. To determine the appropriate recovery actions and escalation paths for each incident, you will create analyses and incident reports.
- You monitor, control and analyse security traffic and alerts;
- You research exploits;
- You carry out proactive threat investigations;
- You evaluate security events included in a SIEM system;
- You will analyse a variety of network and host-based security logs (firewalls, NIDS, HIDS, Syslogs, etc.) to determine the appropriate recovery actions and escalation paths for each incident;
- You independently follow procedures to contain, analyse and eradicate malicious activities;
- You document all activities during an incident and provide proactive status updates;
- You take care of the complete incident management, response and reporting;
- You follow trends, statistics and key figures for our customers;
- You will help develop processes and procedures to improve incident response times, incident analysis and overall SOC functions;
- You provide daily shift change reports, incident reports and security status reports.
ASAPCLOUD for you
- Lots of room for development and good opportunities for advancement: you can make unlimited use of our ASAPCLOUD Talent Development Program (ATDP). Through a unique, individually composed development path, you can further develop yourself at our expense;
- You will receive a Visual Studio Enterprise Subscription with monthly Azure Credits;
- Your salary is in line with the market and we would like to discuss it with you personally. In addition, upon positive completion of your ATDP trajectory, you can count on a financial reward;
- We provide you with a nice lease car, a Surface laptop and an iPhone;
- We have a good pension scheme;
- You have at least 24 days of holiday per year.
Who are we looking for?
- You are a professional with a college degree and at least 3 years of experience in a SOC;
- You have experience with Azure Sentinel or a SIEM system;
- You have experience with Azure Defender, Microsoft Defender for Endpoint, Cloud App Security and Defender for Office;
- You have experience with CEF and Syslog;
- You have experience with KQL;
- You are familiar with common IDS/IPS and Firewalls (Cisco, Fortigate, Palo Alto, Sourcefire);
- You have experience with malware analysis and reverse engineering;
- You have experience with packet analysis and packet capture tools;
- You have a CISSP, CIMP or CEH certification or are willing to obtain one. A Microsoft certification such as SC-300, MS-500 or AZ-500 is an advantage;
- You have a problem-solving mentality, you are customer-oriented and like to take initiative;
- You take ownership of what you deliver and take pride in the quality of the work;
- You are always open to broadening and deepening your knowledge, and you are happy to share the knowledge you have gained;
- You feel at home in an Agile/Scrum environment.
Are you curious, but do you still have a question? Feel free to contact our corporate recruiter Marjolein at +31 (0) 6 13 96 42 98 or firstname.lastname@example.org.
Of course, you can also apply directly!