Soc Analyst

As a leading provider of AI-powered extended managed detection and response (MXDR) services, Ontinue is on a mission to be the most trusted, 24/7, always-on security partner that empowers customers to embrace the future by using AI to operate more strategically, at scale, and with less risk. We believe that the combination of AI and human expertise is essential for delivering effective managed security that is tailored to a customer's unique environment, operational constraints, and risks. Our MXDR service combines powerful proprietary AI with a one-of-a-kind collaboration model to continuously build a deep understanding of our customers' environments, informing how we prevent, detect, and respond to threats. Our unrivalled Microsoft expertise allows customers to achieve these outcomes with the Microsoft Security tools they already own. The result is highly localised managed protection that empowers security teams to be faster, smarter, and more cost efficient than ever before. Continuous protection. Always-on prevention Services. Nonstop SecOps. That's Ontinue. 
 
Your Mission 
As a Cyber Defender (SOC Analyst), your curiosity drives you to constantly learn and grow from responding to a variety of attacks. Your diligence and attention to detail enable you to spot attacks accurately and deliver topmost quality. Next to direct operations work, you contribute to projects interfacing with other internal teams as well as customers to constantly move our service forward.

Your Responsibilities 
 Incident Response: 

• Act as a key point of contact for major security incidents, coordinating response efforts and ensuring timely resolution. 

• Conduct thorough post-incident analyses to identify root causes and enhance incident response procedures. 

• Experience in working with Microsoft Security technologies, including but not limited to Microsoft Sentinel, Microsoft Defender XDR, and Azure Security Center. 

• Experience with SOC tools such as SIEM, EDR, DLP. 

• Passion for finding and remediating cyber security threats.

• Working or expert knowledge of networking concepts, including TCP/IP, DNS, routing, firewalls. 

• Working or expert knowledge of common threat actor TTPs. 

• Experience in coordinating and leading incident response efforts within a Security Operations Center (SOC) environment, ensuring swift and effective resolution. 

• Microsoft Security Stack Proficiency (extensive experience working with the Microsoft security stack, including Azure Sentinel, Microsoft Defender for Endpoint, Azure Security Center, and Microsoft 365 Defender, with a deep understanding of their capabilities, configuration, and integration for effective threat detection and response. 

• Working or expert knowledge of operating systems internals, Windows, Mac, Linux. 

Continuous Improvement: 

• Proactively identify areas for improvement in security operations and recommend enhancements to processes, tools, and technologies. 

• Stay abreast of the latest cybersecurity trends, threats, and technologies to ensure our security posture remains cutting-edge.

Required Skills:

• University degree in Information Security, Computer Science, or equivalent professional experience. 

• At least 2-4 years of security operations, system administration, penetration testing, or security software development. 

• Ability to work effectively in a fast-paced and dynamic environment. 

Communication and Leadership: 

• Exceptional communication skills, both written and verbal, along with a proven ability to collaborate with cross-functional and multi-national teams. 

Certifications and education: 

• Relevant certifications such as BTL1, Security+, Microsoft SC-200 etc. are highly desirable. 

• Degree in a relevant field or equivalent work experience.

Technical Skills: 
Proficiency in log analysis, scripting (e.g., PowerShell), and familiarity with network protocols and operating systems, enabling you to effectively analyse security events, develop custom detections, and automate response actions within Microsoft environments. 
 
Communication Abilities: 
Excellent communication skills, both verbal and written, with the ability to articulate complex technical concepts to non-technical stakeholders, facilitate collaboration within the SOC team, and provide clear and concise incident reports and recommendations. 
 
Leadership Experience: 
Demonstrated leadership experience in incident response, including incident coordination, stakeholder communication, and crisis management, with the ability to remain calm and focused under pressure while guiding the team towards successful resolution. 

What we offer:
We have been recognized as an outstanding place to work On top of a competitive salary, we also offer an enhanced benefit package, flexible 'me days', annual subscription to headspace and volunteer days. Come as you are We search for amazing people of diverse backgrounds, experiences, abilities, and perspectives. Ontinue welcomes and encourages diversity in the workplace regardless of race, gender, religion, age, sexual orientation, disability, or veteran status.