Kraken

SecOps and SOC Analyst

Employment type: full-time

Location Type: Remote

Location: Remote • 🇬🇧 United Kingdom


Job Level

Mid-Level, Senior

Tech Stack

Cloud

About the role

Working as part of a Global Security Operations team and Security Operations Center (SOC), you will be responsible for:

  • Monitoring, triaging, and investigation of security incidents on Kraken’s infrastructure and Client instances
  • Responding to alerts generated by our Security Information and Event Management (SIEM) system
  • Automating and continuously expanding the detection capabilities
  • Analysing application, Cloud and access logs and events to identify potential security threats and vulnerabilities and coding this analysis for future playbooks
  • Identifying where escalation of incidents, or notification to third parties may be required
  • Providing incident response support working with our engineering and product teams where necessary
  • Maintaining, improving and automating incident response processes and playbooks, to continually improve the team's capabilities
  • Preparing reports and incident summaries, as well as reviewing and improving the content and presentation of reports produced by the team
  • Maintaining and updating security incident documentation including analysis findings and recommended mitigation strategies, automating wherever possible
  • Liaising with stakeholders in relation to incident root cause and providing remediation/improvement recommendations
This role requires participation in a roster covering weekends and public holidays, in co-ordination with other team members globally, in order to deliver a 24x7 operations capability.

This is a critical role in a growing, global team. You’ll have the opportunity to get involved in exciting and innovative security-related initiatives, and we encourage you to take on new challenges that align with your skills and interests, collaborating with other teams to drive improvements in security across our entire organisation.

Requirements

  • A strong Security Operations and technology background
  • Experience in using SIEM platforms to analyse and respond to security alerts
  • Familiarity with EDR (Endpoint Detection and Response) tools and their capabilities, including host containment and evidence preservation
  • Knowledge of best practices for analysing incidents and logs in a cloud environment
  • An understanding of how different mitigation strategies can contain and respond to security events
  • An understanding of Cloud and software architectures
  • Strong analytical and problem-solving skills, with the ability to identify, triage and mitigate incidents
  • Ability to clearly communicate and document incident activities
  • A passion for security and a drive to improve security alerting and response processes by harnessing technology and automation
  • Good experience in at least some of the areas mentioned above (we’re not expecting any candidate to be an expert in all areas)

Benefits

  • Competitive salary
  • Flexible working hours
  • Professional development budget
  • Home office setup allowance
  • Global team events

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
Security Operations, SIEM, EDR, incident response, cloud environment analysis, log analysis, automation, mitigation strategies, security threat identification, coding for playbooks
Soft skills
analytical skills, problem-solving skills, communication, documentation, collaboration, stakeholder liaison, adaptability, initiative, teamwork, drive for improvement