Security Operations Center Analyst Coimbra

Security Operations Center Analyst
Coimbra
Coimbra, Coimbra District, Portugal

Job Title: SOC Analyst

Location: Hybrid working, home & BCA Coimbra (monthly visits)

Salary: Competitive + Benefits!

Working Hours: Monday - Friday, 40 hours

Job Status: Permanent

Who we are!

The Constellation Automotive Group is the largest vertically integrated digital car marketplace in Europe, combining the leading digital brands across the segments of Consumer to Business (C2B), Business to Business (B2B) and Business to Consumer (B2C). Across our digital platforms we exceed £20 billion of Gross Merchandises Value (‘GMV’) on an annual basis. This includes market leading brands such as BCA, We Buy Any Car, cinch and Marshall.

The Constellation Technology Team provides a
- wide set of Technology Products and Services across the Constellation Automotive Group. We are a central function working across the following domains: Technology Operations, Cyber Security, Product, Engineering, Enterprise Applications, Logistics, Architecture and Portfolio; across the UK and Europe.

The Role

A
- critical role working within the Chief Information Security Office for the Constellation Automotive Group (CAG) as a SOC Analyst to ensure security incidents and privacy issues are quickly identified, contained and fully investigated.

Reporting to the Security Operations Centre Manager, this role is a unique opportunity to directly influence the security experience of our customers. As we continue to grow our digital story, your specialist capabilities will play a key part in our future.

Key Responsibilities:

• Conduct network monitoring and intrusion detection analysis using various computer network defence tools, such as intrusion detection/prevention systems, firewalls and
  - based security systems.
• Conduct
  - based and
  - based threat detection to detect and protect against threats coming from multiple sources.
• Deploy
  - centric detection to detect threats related to cloud environments and services used by the organization.
• Correlate activity across assets (endpoint, network, apps) and environments (on-premises, cloud) to identify patterns of anomalous activity.
• Review alerts and data from sensors, and document formal, technical incident reports.
• Work with threat intelligence and/or
  - hunting teams.
• Provide network subscribers with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary.
• Support the creation of business continuity/disaster recovery plans, including conducting disaster recovery tests, publishing test results and making changes necessary to address deficiencies.
• Work with security information and event management (SIEM/XDR) to manage/tune the system, create/manage the detection content and actively watch for alerts.
• Correlate network, cloud and endpoint activity across environments to identify attacks and unauthorized use.
• Research emerging threats and vulnerabilities to aid in the identification of incidents.
• Provide users with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary.
• Perform security standards testing against computers before implementation to ensure security.

Requirements:

Knowledge

• Degree level education or equivalent experience, ideally in cyber security, technology, computing or a related field.
• Experience plus qualification/certifications from SANS, ISC2, Comp
  TIA or other equivalent industry certifications (Net+, Sec+).
• Knowledge and/or experience in email gateway defence tooling and brand protection software.
• In-depth knowledge of the latest security vulnerabilities, exploits and malware attack vectors.
• Experience plus qualification/certifications from Cloud providers such as AWS, MS Azure etc.

Experience

• 0-2 years of experience in Security Operations; 2+ years of experience in enterprise IT, system technology, infrastructure, integration, cloud, hosting and shared technology services.

Skills

• An ability to effectively influence others to modify their opinions, plans or behaviours.
• Employ appropriate methods of persuasion when soliciting agreement and demonstrating both empathy and assertiveness when communicating need/impact or defending a position.
• Make accurate and independent analytical judgments.
• Strong
  - solving and troubleshooting skills. Maintain excellent stakeholder management and build strong relationships.
• Swiftly build an understanding of a business area, and how it fits into the wider enterprise organisation. Self-prioritise multiple workstreams in response to rapidly changing business needs.
• Outstanding written and verbal communication skills with the ability to describe complex & abstract security and technical concepts up to board level.

Please note that only applications submitted in English will be considered.

Our policy is to employ the best qualified people and provide equal opportunity for the advancement of employees including promotion and training and not to discriminate against any person because of gender, race, ethnicity, age, sexual orientation, religion, belief or disability.