We are looking for the most suitable candidate who has experience in cybersecurity and is capable of monitoring security events and responding to incidents.
SOC OPERATOR
Job description:
- Ensuring security monitoring activities based on contractual conditions with customers;
- Investigating security incidents and documenting adversary activities in monitored environments, and escalating them to the next analytical level;
- Analyzing client data and assessing potential security threats;
- Participating in continuous development and improvement of the monitoring solution;
- Participating in continuous monitoring, threat hunting, detection, threat intelligence and related tasks under supervision and mentoring;
- Participating in the design and maintenance of low-level EDR, XDR and SIEM correlation rules;
- Actively contributing to the improvement and tuning of the security monitoring toolset and rule sets;
- Contributing to the development and enhancement of incident response guidelines and manuals;
- Preparing reports for customers / communicating with customers regarding incidents;
- Cooperating in the development of security monitoring services and the security threat reporting system;
- Adhering to the company’s code of ethics and general rules of professional conduct;
- Monitoring, evaluating and contributing to the improvement of activities performed within the department;
- Being responsible for continuous (self-)education in the field of expertise.
- Secondary education with a school leaving exam in informatics, cybersecurity, information technology (or equivalent practical experience).
Bachelor’s or Master’s degree in informatics, cybersecurity, information technology or related fields.
Education in IT security and professional technical certifications are an advantage.
Knowledge and experience:
- Basic knowledge of network protocols and technologies (TCP/IP, DNS, HTTP/S, etc.);
- Basic knowledge of security technologies such as firewalls, IDS/IPS systems;
- Basic knowledge of scripting languages such as Python, PowerShell is an advantage;
- Basic knowledge of security standards and regulations such as ISO 27001, GDPR, NIST is an advantage;
- Practical experience with SIEM tools such as Wazuh, QRadar, MS EDR or ESET is an advantage, but not required;
- Ability to independently and competently perform assigned tasks and objectives;
- Ability to analyze basic security logs and events;
- Interest in learning and developing in the area of security incident analysis and response;
- Communication skills, teamwork, responsibility, proactivity, customer-oriented approach;
- English language knowledge at level B1.
- Education: technical field, IT, cybersecurity
- Experience: yes – minimum 1 year
- Driving license: Yes, category B
Employee benefits:
- Opportunity for further education and career growth
- Pleasant and modern working environment
- Free coffee, tea, beverages and fruit during working hours
- Possibility to work from home
- Participation in supplementary pension scheme (DDS)
- Sick days
- MultiSPORT card for sports and relaxation after work
- Company teambuilding events
Salary conditions (gross)
from 1800 EUR/month + 20% monthly (KPI after the probation period), depending on the candidate’s experience.
We'd love to learn more about you. Do not hesitate to send your CV and cover letter to kariera@gamo.sk
Pursuant to Act No. 18/2018 Coll. on the protection of personal data, as amended, by submitting documents related to the selection procedure, the candidate gives consent to the management, processing and storage of personal data to GAMO a.s., with its registered office at Kyjevské nám. 6, Banská Bystrica, for the purpose of the selection procedure, for a period of 90 days. The job applicant may revoke this consent in writing at any time.