SOC Analyst Tier 2

Location:Darmstadt , Germany Application deadline: 13 December 2024 Reference number: 0122

Are you looking for a new opportunity to take your career to a higher orbit? Have you ever thought about the excitement of combining Cyber Security activities and the Space sector? A job adapted to your career ambitions and in which you could have an impact for the years to come?

Starion Group gathered cyber experts to operate the novel security operations centre (SOC) for the European Space Agency (ESA). This is a rare opportunity to join this pioneering team and contribute to the launch of its activities: a chance to leave your mark for years to come.

The SOC activities not only involve the monitoring of ESA’s IT infrastructure but will go beyond. In this exciting context, we are looking for a SOC Analyst (Tier 2) to handle security incidents and to work from the European Operations Centre of ESA (ESOC) in Darmstadt, Germany. You will also have the chance to work on internal projects for our Cyber Centre of Excellence in Belgium.

Tasks and activities

The scope of work will include:

• Incident investigation: conducting in-depth investigations into security incidents escalated from Tier 1, including analysis of logs, network traffic and endpoint data.
• Advanced threat detection: utilizing advanced security tools and techniques to identify and respond to sophisticated cyber threats.
• Incident response: taking a lead role in incident response activities, coordinating with Tier 1 analysts.
• Documentation and reporting: documenting detailed incident reports, including the root cause analysis and providing comprehensive reports to stakeholders.
• Knowledge of security vulnerability analysis and penetration testing techniques or practical application of attack patterns.

Skills and experience

The following skills and experience are mandatory:

• A Bachelor’s degree in Cybersecurity, Information Technology, or a related field (or equivalent experience).
• Advanced cybersecurity knowledge: In-depth understanding of cybersecurity concepts, threat landscapes and mitigation strategies.
• Technical expertise: proficiency in utilizing advanced security tools, SIEM tools and other cybersecurity technologies.
• Familiarity with SOAR tools like Palo Alto Cortex XSOAR or similar.
• Proficiency in utilizing and analysing Endpoint Detection and Response (EDR) tools like CISCO AMP, Microsoft Defender XDR, Sentinel One, for example.
• Incident handling: experience in leading and coordinating incident response efforts.
• Team collaboration: the ability to collaborate seamlessly with other SOC team members and cross-functional teams.
• Eligible to undergo the ESA and EU secret security clearance procedure.
• Fluent in English, both written and spoken.

The following skills and experience would be highly desirable:

• Relevant certifications such as Comptia Security+, CompTIA Cybersecurity Analyst (CySA+), Certified Incident Handler (GCIH), or equivalent.

Why should you apply?

• You will have the opportunity to work within leading space organisations across Europe.
• We encourage everyone to think outside the box and to push the boundaries of traditional knowledge. This role is an opportunity to join a forward-thinking company and allows for a deeper understanding of the industry.
• To be part of a company that values integrity, inspiration, care and collaboration.
• Benefits include: competitive remuneration packages; unique career opportunities, including working in other countries; access to training and development programmes; flexible relocation support.

We welcome applications from people with disabilities, members of ethnic minorities, all genders, LGBTQ+ individuals and ex-service personnel.

#J-18808-Ljbffr