Oracle IT Security Analyst 4 in BRNO, Czech Republic
IT Security Analyst 4
Sr. SOC Analyst
We are seeking a Sr. SOC Analyst to join the Oracle NetSuite Security team responsible for securing systems, infrastructure, services and data. The Security Operations Center Analyst will use data collected from a variety of information security tools and sources (including intrusion detection system alerts, firewall and network traffic logs, and host system logs) to analyze events that occur within the enterprise and perform threat analysis as well as investigate and analyze all response activities related to potential security incidents within the enterprise.
The candidate must be able to routinely evaluate priorities based on the dynamic nature of the environment. The role requires close collaboration with peers across multiple geographic regions to discuss issues and cases and for performing troubleshooting activities. Partnership with multiple internal security teams is paramount for success and overall improvement of security operations. Mentoring junior staff is highly encouraged to develop professional relationships.
Provide Tier 2 analytical support, respond to security incidents, draft comprehensive incident reports, document and execute lessons learned
Identify security events requiring immediate escalation and response
Document and communicate analysis of research and findings to peers and leadership
Monitor and analyze security events, network traffic, and security alerts across the enterprise
Perform advanced analysis of security events and alerts
Correlate events from multiple sources during investigations
Assist with ongoing development and improvement of processes and response procedures to improve overall SOC functions
Conduct investigations of potential intrusion attempts to determine remediation actions and escalation paths
Facilitate meetings to collaborate with internal teams to identify, resolve, and mitigate issues
Perform incident response and handling following documented procedures
Track investigation activities during an incident, including identifying next steps, spanning across multiple shifts
Monitor external data sources to maintain awareness of threat condition and determine which security issues may have an impact on the enterprise
Lead a team of junior analyst
Required Skills and Experience:
Knowledge of security controls including network security technologies (IDS, IPS, firewall, and WAF), OS hardening, file integrity monitoring, and authentication
Strong understanding of system and network security threats and vulnerabilities
Hands-on experience with TCP/IP and data packet capture analysis, networking fundamentals, common network services, network vulnerabilities and network attack patterns
Experience in security event monitoring and triage, incident response, and/or system/network auditing
Hands-on experience using SIEM for data analysis and EDR tools for response purposes
Familiarity with network and endpoint security applications and tools including network scanning tools, NIDS/HIDS, firewalls and web proxies
Self-motivated, excellent analytical and problem solving and critical thinking skills
Exercise sound judgement calls for investigative purpose, including making the determination to close a case
2 years leading a team of analysts
5 years as a SOC Analyst
10 years in Information Technology preferably as a security engineer, system administrator, or network engineer
Bachelor’s degree in Computer Science, Computer Engineering, MIS, or related field
Effective time management skills by completing assignments or delivering updates within required deadlines
Preferred Skills and Experience:
Experience with Linux system administration, scripting, log parsing, vulnerability assessments/penetration testing, or vulnerability management
Scripting, programming knowledge and experience
Familiarity with industry recognized frameworks including but not limited to MITRE ATT&CK, ADS, NIST 800, and CIS
Recognized industry certification and/or continuing education programs are a major plus including GCIH, GCIA, CISSP, GCFA, GMON, GREM, GNFA
Advanced understanding of Unix & Windows functionality, access control, event logs and monitoring; application and network security
Working knowledge of forensics, incident response and threat hunting methodologies for a cloud service provider
Detailed Description and Job Requirements
Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs.
Researches attempted efforts to compromise security protocols. Maintains security systems for routers and switches. Administers security policies to control access to systems. Maintains the company’s firewall. Uses applicable encryption methods. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information.
Leading contributor individually and as a team member, providing direction and mentoring to others. Work is non-routine and very complex, involving the application of advanced technical/business skills in area of specialization. Prefer 8 years relevant experience and BA/BS degree.
As part of Oracle's employment process candidates will be required to successfully complete a pre-employment screening process. This will involve identity and employment verification, professional references, education verification and professional qualifications and memberships (if applicable).
Job: Information Technology
Location: CZ-CZ,Czech Rep-BRNO
Other Locations: CZ-CZ,Czech Rep-Prague
Job Type: Regular Employee Hire
- Oracle Jobs