Level 1 CyberShield Analyst

Article Summary:
Share Article:

The Ideal Candidte

Essential Skills

  • As the Level 1 SOC Analyst requires strict adherence to a weekly schedule, we require someone with proven discipline in being on-time and ready to operate for each and every scheduled 12-hour or 8-hour shift.
  • We are looking for someone to join the Hanco team who has demonstrable skills in critical thinking and problem-solving, especially someone who can remain risk-aware and focussed risks that alerts may pose andmaking informed decisions about whether or not theymerit investigation.
  • You should have basic experience with Security Information Event Management (SIEM) tools, creating advanced co-relation rules in YAML, administration of SIEM, system hardening, and Vulnerability Assessments.

Desirable Skills

  • Implementation and management ofSIEM and other cybersecurity products.
  • TCP/IP network traffic and event log analysis.
  • One or more SIEM tools like LogRhythm, QRadar, Arcsight, Mcafee epo, UTMStack, or NetIQ Sentinel.
  • Core ITIL disciplines such as Incident, Problem and Change Management

Job Background and Description

Our Hanco CyberShield Operations Centre monitors alerts and creates incidents for a wide variety of clients in North and South America and Europe, including the United Kingom. Our Level 1 CyberShield Security Analyst position will analyse incoming alerts and escalate where needed to our Level 2 Security Engineers, after undertaking the detailed investigationrequired for the alert.

As a Security Analyst your main focus will be on determining whether the security event will be classified as an incidentand notification to the client. You will coordinate with the customer IT and Security team via e-mail and on the phone for resolution of basic Security Incidents.
Our overall aim at Hanco is to reduce alert fatigue for our valued clients and for them to know that our “Hanco is Here” attitude applies to the services we provide.
This role reports to the CyberShield Team Lead.

Responsibilities

  • Escalate validated and confirmed incidents to designated incident response team.
  • Notify Client of incident and recommend mitigation works.
  • Fine-tune SIEM rules to reduce false positive and remove false negatives.
  • Collect global threat intelligence and internal threats then inject actions based on analysis and recommendation.
  • Proactively research and monitor security information to identify potential threats that may impact the organisation.
  • Develop and distribute information and alerts on required corrective actions to the organisation.
  • Learn new attack patterns, actively participate in security forums.
  • Work closely with our Partners in Eastern Europe and America to ensure Correlation Rules are in place for specialty incidents.
  • Understand the structure and the meaning of logs from different log sources such as O365, Azure AD, Windows, Cisco appliances, Firewalls, AV and antimalware softwareand similar.
  • Develop an inherent feel and understanding for what normal operations looks like for a given server being monitored, in order to better identify outlier alerts and security events.
  • Review existing incidents to determine client responses through time and furtheridentify possible false positive candidates.
  • Analyst should properly include for each incident all details related to the logs, alerts and other indicators identified in accordance with the intervention protocol of each client and the SLA.
  • Track and update incidents and requests based on client’s updates and analysis results.
See all Cybersecurity Solutions
More Cyber News:
HancoCyber SIEM and Compliance solutions offer the information and monitoring needed

Hanco Compliance Package

Our Hanco CyberShield™ Compliance Package will outfit you with GPDR, GLBA, HIPAA, SOC and ISO compliance reports and dashboards, so you can keep track of your progress in complying with the various laws and rules
#HancoCyber #CompliancePackage #hanco

Read More »
April 9, 2022 No Comments

Welcome Deceptive Bytes!

Our newest Premier Partner: Deceptive Bytes! We are proud to announce that Deceptive Bytes has attained our Premier Partner status — read

Read More »
September 23, 2020 1 Comment

Secure Access

Make it easy for staff to get in, and hard for the hackers to penetrate your perimeters!
#HancoCyber # #hanco

Read More »
June 28, 2023 No Comments
Hanco Endpoint and Gateway Security

Endpoint Protection

Our Hanco Cybershield™ Endpoint Protection monitors your endpoints and servers with Advanced Threat Protection and alerts
#HancoCyber #EndpointProtection #hanco

Read More »
April 9, 2022 No Comments
No more posts to show
For other issues click here
Contact the Hanco Cyber Team!
E-mail our Cyber Specialists
See Cyber Solutions Prices

Valued partners and clients:

Hanco is proud to have AutoTraderas a valued client for our cybersecurity solutions!
aathornton
UTMStack Coloured whiteback horizontal copy-555
iliv-logo
Hanco offers premium SOCRadar vulnerability and incident response solutions to our clients
safenames
connells-group
CyberEssentials-clear
IASME cons
Hanco-DeceptiveBytes-Banner
E-blazon-negru-orig-500
SMGPA
deloitte
ceap
lion
maersk
mphasis
penguin
udb
virtusa
vodafon
LSA1
ey
tetrad-logo@2x
thebelfieldgroup
Established in 2003, Hanco has you covered across IT Management, Project and Planning, Cybersecurity, Websites and more!

UK Headquarters

America

Europe

  • Hanco Global Europa SRL
  • +40 31 229 5900
  • Complexul Palladian, Str Madgearu Virgil, nr 27A Corp B, Parter, Ap 2 Sector 1, București 014135 România

India

Ⓒ 2022 - Hanco Global Solutions Ltd., All Rights Reserved
CloseMenu

Let us know your Cyber issues

Please leave your details and we will get back to you between 10am and 6pm London time!

Or Email our Cyber Specialists

We have custom cyber solutions just for you! 

CyberSecurity Solutions:

Our Hanco CyberShield cybersecurity solutions include custom applications designed for you with monitoring staff based in the UK, India and USA.