We are Quadcode, a company that develops a SaaS trading platform for clients all around the world.
Now we are looking for a SOC Analyst for the Security Operations Centre.
The team's key responsibilities include, but are not limited to, data aggregation, security event normalisation and monitoring, and timely response to security threats.
Tasks in the role
- SOC code base improvement (detection and response);
- development and testing of the response playbooks;
- detection rules development;
- event monitoring and incident management process improvement;
- event correlation rule development;
- incident response playbook development and automation;
- security event analysis and monitoring;
- participating in and/or leading incident response processes;
- searching for and analysing vulnerabilities and coordinating their remediation;
- operational checks of detection rules via attack emulation;
- security tools research and development;
- conducting periodic security incident response exercises;
- connecting new log sources and processes to SIEM and SOC tools;
- defining requirements for the secure configuration of operating systems, networks and services for the handling of information security incidents.
Requirements
- 3+ years of experience in Information Security;
- 1+ year of relevant experience as a SOC analyst;
- experience with vulnerability triage;
- L2 analyst research experience, including cases involving the engagement of remote specialists;
- experience with collecting indicators of compromise from various systems;
- experience with operational checks of correlation searches via attack emulation;
- deep understanding of the IT security domain;
- deep understanding of the incident response process;
- basic understanding of the methods, tactics and procedures used at different stages of attacks;
- knowledge of how to identify and evaluate indicators of compromise associated with malware/attacker toolsets;
- basic experience with network IDS management and rule writing/tuning;
- knowledge of and experience working with MITRE ATT&CK;
- knowledge of the underlying defence mechanisms of modern operating systems;
- SQL knowledge and relevant experience with relational databases;
- knowledge of common network, infrastructure and web application attacks.
Nice to have
- working experience in the FinTech industry;
- deep understanding of modern IT technologies;
- experience with SIEM system maintenance;
- experience writing regular expressions;
- experience dealing with vulnerabilities in software and applications;
- experience working with vulnerability scanners (nmap, Nessus);
- experience working with EDR;
- experience with network traffic analysis.
We offer
- relocation opportunity to Cyprus after a trial period;
- remote or hybrid work model in our Cyprus office;
- health insurance and mental health services;
- 13th salary and 21 vacation days per year;
- provided lunches or food allowance;
- monthly tuition reimbursement (kindergartens/schools);
- English and Greek lessons;
- provided professional courses: from Coursera to Harvard;
- sports reimbursement;
- team buildings and parties (e.g. Japan Day at the office);
- gifts for work anniversaries: from AirPods Pro to MacBook Pro;
- bonuses for special events (e.g. child's birth).
Relocation package includes
- visa support and an opportunity to obtain EU citizenship;
- preparation of all documents (fully handled by the company);
- flight ticket coverage for employees and their families;
- free corporate apartment for 2 months;
- full coverage of migration costs while in Cyprus;
- reimbursement of a rental car or transport allowance for 2 months.