Security Analyst - Stockholm, Sweden - Sandvik
Description
At Sandvik Group IT, we're currently looking for a driven Security Analyst with a focus on incident handling. Welcome to an exciting yet challenging role where you get to work with bright minds from all over the world.
Your mission
You're part of our internal SOC team comprising 6-8 members, with a focus on analyzing and investigating attacks and threats made by threat actors of various capabilities. With your personal drive and genuine interest within the cybersecurity area, you play a big part in developing our detect and response capability further.
Your role includes tasks such as:
- Examining true positive incidents (escalated from our Level 1 SOC, through events or threat hunting etc.) and eliminating or mitigating the threat.
- Collaborating with our internal CSIRT as well as Incident Management during high priority incidents.
- Staying up to date with the external threat landscape as well as with new tools and attack modes.
- Working to continuously improve playbooks, processes, and tools.
This position is based in Stockholm, Sweden and allows for a hybrid working schedule.
We're looking for someone with experience in these areas
- Experience from working in a SOC
- Experience of working with cyber security incidents
- Good understanding of SIEM tooling
- Experience of security tooling (FW, AV, IDS, EDR, etc.)
These skills and certifications are beneficial
- Certification within the IT security area
- Digital forensics
- Basic understanding of programming languages (for example Python, PowerShell, Bash etc.).
Since we operate in an international environment, you're able to efficiently speak and write in English.
Your character
As a security analyst, you have the ambition and desire to learn more about the cybersecurity area. You're a team player and enjoy connecting with the different parts of the organization. You also show creativity, outside-the-box thinking and can tackle obstacles in a way that challenges the status quo.