<div><strong>Task and Responsibilities:</strong></div><div><br></div><ul><li>Security Incident Monitoring: Continuously monitor security alerts, logs, and events generated by SIEM systems and other security tools to detect and investigate security incidents;</li><li>Incident Triage: Prioritize and escalate security incidents based on their severity and potential impact;</li><li>Incident Investigation: Conduct in-depth investigations into security incidents, including identifying the scope, impact, and root causes;</li><li>Threat Intelligence: Utilize threat intelligence feeds to stay informed about emerging threats and adapt security measures accordingly;</li><li>Incident Response: Develop and execute incident response plans, including containment, eradication, and recovery activities;</li><li>Microsoft Defender for Endpoint: Utilize in-depth knowledge of Microsoft Defender for Endpoint to analyze and respond to endpoint security incidents, including endpoint detection and response (EDR) capabilities;</li><li>Collaboration: Collaborate with L1 and L3 security teams and any other stakeholders to coordinate and execute incident response efforts;</li><li>MITRE ATT&amp;CK Framework: Apply expertise in the MITRE ATT&amp;CK framework to understand adversary tactics, techniques, and procedures (TTPs) and adapt security measures accordingly.</li></ul><div><br></div><div><strong>Job Requirements:</strong></div><div><br></div><ul><li>A university degree in a related field;</li><li>At least 2 years of experience in a related field;</li><li>Strong understanding of cybersecurity principles, techniques, and technologies;</li><li>Proficiency in SIEM systems, including creating and maintaining correlation rules, alerts, and reports;</li><li>Proficiency in Microsoft Defender for Endpoint and endpoint security concepts;</li><li>Experience with incident response tools, forensic analysis, and threat intelligence;</li><li>Expertise in the MITRE ATT&amp;CK framework and its application in incident response and threat analysis;</li><li>Ability to work under pressure and respond to security incidents in a timely manner;</li><li>Relevant industry certifications such as Blue Team Level 1 or 2, CompTIA Security+, or CEH are a plus;</li><li>IT background;</li><li>Accuracy and attention to detail;</li><li>Very good communication skills;</li><li>Very good negotiation skills;</li><li>Very good knowledge of English.</li></ul>
Job details

SOC L2 Security Analyst


Competence Center


Full-time


Fixed-term


Prishtine

Get in touch

If you have questions regarding the application process or about your career plans, please contact our career team using the following contact details:

Str. Robert Doll, #99, Prishtinë

+383 38 222 222 (273)

career@raiffeisen-Kosovo.com
