Senior SOC Analyst
The Senior SOC Analyst role, within our Security Operations team, has a primary responsibility to perform in-depth analysis and investigation of security alerts across our internal infrastructure and online platforms. The role will play a key part in identifying potential security incidents and supporting an effective response to help protect our key assets and online games.
The role will be pivotal in shaping and building out our 24/7 global SOC capability.
The main duties of the Senior SOC Analyst will be to:
- Perform in-depth investigation and analysis of security alerts to identify potential security incidents.
- Support the build out and development of a global 24/7 SOC environment and team.
- Ensure incidents are appropriately generated, prioritised in line with defined SLAs and assigned for resolution.
- Consult with key stakeholders (e.g. IT/online operations) during investigations to gather further information, coordinate response actions and incident reporting.
- Work directly on-site or remotely with stakeholders during major incidents to support eradication of threats, analysis of damage and deployment of countermeasures.
- Manage, maintain and enhance SOC tooling to improve detective capability.
- Optimise and tune log sources in conjunction with the Information Security team.
- Conduct forensic analysis of artefacts and reverse engineering of malware to support incident investigation.
- Lead root cause analysis and post incident reviews working with the information security team to identify and plan improvements.
- Produce incident response playbooks to drive a consistent approach to handling common incidents.
- Build out and improve security operations processes.
- Collect, consume and analyse cyber threat intelligence to drive appropriate action within the SOC or wider IT environment.
- Perform longer term trend analysis of events, alerts and security incidents to inform future strategic security direction.
- Maintain a comprehensive viewpoint of both internal IT and online environments and key company assets to enhance decision making and response to incidents.
- Support the hiring and mentoring of junior SOC analysts.
This role would be suitable for a proactive individual motivated by the prospect of having a significant influence in shaping and establishing a new Security Operations team.
Head of IT Security, Information Security Manager, IT and Online Operations teams, Online Services Division
Information Security Manager
Knowledge and Experience
The successful candidate must have the following experience:
- 5+ years working in relevant SOC analyst roles.
- Background in security/IT/network engineering or administration or software development.
- Relevant certifications such as GCIA, GCDA, GCED, GDAT, GCFA, GCTI.
- Experience in team management and coaching of junior analysts.
- Bachelor’s Degree in Information Security / Computer Science or a related discipline.
- Experience responding to or handling major cyber security incidents.
- Experience in designing and developing Security Operations capabilities.
Desirable Technical Qualifications:
The successful candidate must be able to demonstrate general knowledge and experience in some of the following areas:
- Querying structured security log data through the use of appropriate query languages (e.g. Apache Lucene).
- Analysing structured security log data through the creation of aggregated / correlated reports or visualisations.
- Building re-usable visualisations / dashboards for security alert triage, threat hunting and similar use cases.
- Thorough experience of the configuration, tuning and maintenance of SOC tools.
- Network device (firewalls, routers, switches, IDS) and system (Linux/Windows) administration.
- SOC automation development and Cloud operations.
- Experience with Endpoint Detection and Response (EDR) tools.
- Experience operating vulnerability scanning tools.
- Programming and scripting skills.
- Working knowledge of the OSI protocol stack.
- Working knowledge of common security vulnerabilities and exploits.
- Strong appreciation of the cyber threat landscape and attacker TTPs.
- Experience developing Security Operations process and playbooks.
Please note that Square Enix does not accept speculative candidate submissions from recruitment agencies.