SOC Analyst

**Job Description**:
The SOC Analyst is responsible for monitoring and responding to the security events and risks of the business and documenting their research, triage, and mitigation efforts. They are expected to assess the effectiveness of detections, risk management controls, and policies used to prevent security threats. They are involved in the development of policies and detections and are encouraged to provide recommendations based on their analysis and engage in threat hunting exercises, penetration testing, and phishing campaign simulations.

The SOC Analyst will report to the SOC Lead and is an involved member of the Security Operations and Information Security Team. This role is expected to display familiarity of Cybersecurity best practices and frameworks (MITRE, ISO27001, SOC2), as well as being an active contributor to the continued maturation of current security tools and systems. As a SOC Analyst you are empowered to take the appropriate response actions to mitigate risks and remediate threats to Snow Software and our clients.

**Key Responsibilities**:

- Work in a 24x5 Security Operations environment, working primarily day shift
- Monitor SIEM, mailbox, and ticket requests; ensuring a timely response
- Works with security information and event management (SIEM) to manage/tune the system, create/manage the detection content and actively watch for alerts
- Conducts proactive threat hunting and uses findings to recognize detection gaps
- Responsible for Security Incident Response actions and escalation of critical severity incidents
- Provides incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary
- Perform file analysis and digital forensics** **based on alerts received and in support of investigations
- Conduct maturity improvements for information security and cybersecurity tools and systems
- Conduct pen testing and vulnerability management exercises as well as red/blue team events
- Discuss and present major events and initiatives with SOC members during a daily handover session
- Maintain a strong awareness of the current threat landscape

**Qualifications**:

- Knowledge of and experience with SIEM/SOAR technology, and EDR tools
- Knowledge of and experience with Windows, MacOS, and Linux operating systems
- Proven experience of ability to analyze event logs and recognize signs of cyber intrusions/attacks
- Understanding of query languages and/or scripting languages
- Experience in a relevant field such as IT audit, risk management, penetration testing, red team/blue team, or as a security operations analyst
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
- Is a confident, energetic self-starter, with strong interpersonal skills

**Additional qualifications**
- Working knowledge with Kusto, SQL, or other query/programming languages
- Working knowledge with Azure Sentinel and Microsoft Defender
- 1-2 or more years working in a Security Operations Center, internally or with a service provider (MSSP)
- Experience in vulnerability analysis and remediation
- Experience with security tool implementation

Additional Information
**Company Description**

Snow Software is the global leader in technology intelligence solutions, ensuring the trillions spent on all forms of technology is optimized to drive maximum value. More than 4,000 organizations around the world rely on Snow's platform to provide complete visibility, optimize usage and spend, and minimize regulatory risk. Headquartered in Stockholm, Snow has more local offices and regional support centers than any other software asset and cloud management provider, delivering unparalleled results to our customers and partners.

As an inclusive employer, Snow strives not discriminate on the grounds of age, disability, sex, sexual orientation, gender identity or expression, marriage, civil partnership, pregnancy, maternity, race (including colour and ethnic or national origins), religion, Veteran status or belief.

This is not just a generic ‘equal opportunities disclaimer’ for us - we are truly committed to creating a workplace where our team members thrive.

If you have a disability or special need that requires us to adjust the recruiting process, please do advise us when contacted.

LI-MC1