In connection with the expansion of the team, we are looking for a reliable, smart, attentive and responsible SOC Analyst who is ready to join our team. The trial period (3 months) is worked in the Dnipro office; after that, remote work is possible if desired. During the trial period in the office, we compensate the cost of living in the city of Dnipro.

Your functions will include:
• Monitoring dashboards and working through Security Information and Event Management (SIEM) alerts to identify incidents of unusual behaviour by network users and hosts
• Building analytical queries in Splunk Enterprise to identify incidents
• Documenting incidents and assessing damage and impact
• Administration of Windows Server Update Services (WSUS)
• Reducing technical debt against agreed metrics
• Participation in eliminating the consequences of incidents: installing patches, restoring information from backups, updating antivirus databases, etc.
• Ensuring the implementation and improvement of incident monitoring processes
• Incident management and incident response

Job requirements:
• Understanding of the basic aspects of information security (the confidentiality, integrity and availability triad)
• Knowledge of information security standards and best practices (ISO 27000 series, CIS Controls, SANS Top 20 Critical Security Controls, OWASP Top 10, etc.)
• Experience administering Microsoft Windows and Linux operating systems
• Experience managing operating system services (AD, Exchange, DNS, DHCP, web servers, etc.)
• Experience with the command line utilities tcpdump, iptables (nftables) and firewalld
• Understanding of the incident handling lifecycle (analysis, impact assessment, remediation)
• Understanding of the purpose of a Security Information and Event Management (SIEM) system
• Ability to manage priorities flexibly
• Understanding of the functions and purpose of cyber security tools (IDS/IPS, FW, WAF, DAF, SIEM, etc.)
• Experience with an endpoint security solution from one of the leading vendors (Cisco, Symantec, Trend Micro, ESET, etc.)
• 2+ years of experience as a system administrator or in 2nd-level support
• Higher education in one of the following fields: computer, mathematical or engineering sciences

We offer:
• Salary depending on your level
• Work in the Dnipro office for the trial period, after which remote work is possible if desired
• 8-hour working day
• Internal company training
• Opportunity for career and professional growth
• For non-residents, compensation of the cost of living in the city of Dnipro during the 3-month trial period in the office

We are waiting for your resume!