JOIN OUR DEVELOPMENT TEAM
At Levi Nine we are passionate about what we do. We love our work and together in a team we are smarter and stronger. We work in a dynamic and challenging environment with talented and forward-thinking people who are part of creative and innovative teams. We are looking for skilled team players who make change happen. Are you one of these players?
OUR PARTNER:
Our partner, ABN AMRO Clearing, is a global leader in the domain of clearing, offering access to a wide range of listed instruments on markets across the globe.
IT is at the heart of their organization with more than 30 different product teams and 10 different platform teams that are trying to build the best products & services for their customers.
Their presence in important financial centers like Amsterdam, Chicago, Sydney, Singapore, Tokyo Hong Kong, London, Sao Paulo, Frankfurt and Iasi, allows them to effectively serve clients worldwide and maintain close proximity to their diverse customer base.
THE ROLE INVOLVES:
The vacant role contains multiple aspects of work in a Security Operations Centre. The primary focus for this role is on Security Monitoring, improving our partner's current capability both on technology and process… and the occasional vulnerability review.
Security Monitoring it's about triaging security alerts and resolving incidents. The alerts are often escalated via the Managed Security Service Provider (MSSP) who provides Tier-1 SOC services to our partner, during the week, and the weekend.
You will then swiftly perform triage and decide what actions should be done to contain the threat. If it becomes a security incident, it's expected you can resolve it from start to finish, while taking more junior team members along the way.
For the analysis you will have access to several sources such as EDR, Firewalls, endpoints, and application logging. If an alert escalates to a security incident, you either resolve it yourself or connect with a team member to resolve it together.
Within Vulnerability Management you analyze and escalate vulnerabilities. These vulnerabilities are then picked up by different teams within the organization for them to resolve.
Besides the daily operations a big part of your role will be actively identifying areas of improvement, working with stakeholders to get these done, and supporting junior team members in their growth.
An important stakeholder is the team who manages the Security Monitoring platforms. You support them with security knowledge and decision on what would make the platform more fit for purpose. Besides the platforms an improvement can range from a small modification of the process or the implementation of a whole new tool, all while working together and challenging the stakeholders who are a part of this process.
As a Senior SOC Analyst, you play a critical role in keeping the company safe by assessing the risk and impact of detected vulnerabilities and security incidents in a highly regulated environment.
Responsibilities:
Triage incoming cyber security alerts escalated from our MSSP.
Investigate cyber security incidents and lead investigations to contain and remediate them.
Identify detection gaps and collaborate with platform owners to improve alert fidelity, reduce noise, and enhance monitoring capability.
Partner with the team managing SIEM, EDR, and logging platforms to advise on tuning, configuration improvements, and onboarding of new data sources.
Drive process improvements within the SOC by identifying bottlenecks and redesigning workflows to increase efficiency and clarity.
Lead the implementation of new SOC tooling or enhancements, including evaluation, testing, deployment, and integration into daily operations.
Provide expert input into detection logic, alert requirements, and platform configuration based on threat behavior and observed incidents.
TECHNICAL PLAYGROUND:
6+ years of experience as a SOC Analyst.
Proven experience working with Splunk: deep tuning and content engineering.
Experience with the incident response life cycle (leading, end-to-end).
Proven relevant experience in security operations work: security alerts triage owning escalated alerts and mentor juniors.
Good understanding of threat hunting: planning and running hunts.
Detection Engineering Input: experience working with detection engineers.
Leading knowledge sharing sessions and involvement in initiatives involving external representation.
NICE TO HAVE:
Certifications such as the following would be desirable but not mandatory: GCIH, GDAT, GCDA, GISP, OSDA, CCFR, SC-900, SC-200, Splunk.
A keen interest in cyber security and a desire to learn more.
Strong communication skills with stakeholders who are technical and non-technical, internally and external.
Experience supporting junior team members.
A drive to improve the current way of working.
Relevant university degree in Computer Science, Engineering, or a related field.
SOFT SKILLS:
Fluent English, with good written and verbal communication skills.
Strong problem-solving skills and a proactive attitude.
Taking ownership on work that needs to be done, and you are flexible regarding possible standby hours.
Ability to give and receive feedback and not afraid to ask questions.
Experience the next level in technology services.
We are the leading technology service provider, consistently exceeding our customers' highest expectations. We tackle the most critical business challenges by providing top-tier technology services. While others set boundaries, we go beyond. Together with our customers, we explore the limits of what’s possible. We push boundaries to deliver excellence and surpass your expectations. Every time.
We believe that meaningful relationships fuel the most successful projects. Our approach, through collaboration, honest communication, and unwavering commitment to every customers, builds long-term partnerships that benefit everyone. Ultimately, we strive to be recognised not just for the quality of what we deliver, but also for the enjoyable way we work together.
