SOC Analyst (Level 1)

AVEVA is a global leader in industrial software. Our cutting-edge solutions are used by thousands of enterprises to deliver the essentials of life – such as energy, infrastructure, chemicals and minerals – safely, efficiently and more sustainably.

We’re the first software business in the world to have our sustainability targets validated by the SBTi, and we’ve been recognized for the transparency and ambition of our commitment to diversity, equity, and inclusion. We’ve also recently been named as one of the world’s most innovative companies.

If you’re a curious and collaborative person who wants to make a big impact through technology, then we want to hear from you! Find out more at AVEVA Careers.

For more information about our privacy policy and how to manage cookies, visit our Privacy Policy.

• Ready to work in 24/7 shift timings.
• Excellent communication (written and oral) and interpersonal skills
• Monitor security systems and networks for suspicious activity.
• Validating alert triggered by security information and event management (SIEM) tools.
• Triage events and investigate to identify security incidents.
• Investigate security incidents and determine their severity.
• Contribute to incident response, maintaining relevant communication and information in emails, ticket summaries, analysis and reporting.
• Escalate security incidents to the next level for further investigation.
• Make recommendations for ongoing tuning and updates to the SIEM system.
• Creating/update workflow in alert triage.
• Participate in security audits and compliance reviews.
• Keep up with the latest security threats and trends.
• Perform incident response using AVEVA defined Security Incident Response framework such as NIST.
• Provide regular reports to management on the state of the organization's security.
• Reports to Digital Forensic and Incident Response Manager concerning security events, incident trends, residual risk, vulnerabilities, and other security exposures, including misuse of information assets and noncompliance.

• Under the guidance of Digital Forensic and Incident Response Manager:
• Assist with control improvements to identify control weaknesses and contributes to vulnerability advisories.
• Participates in security investigations and compliance reviews, as requested by internal or external auditors.
• Assisting with audit finding remediation, action plans. track progress and provide status updates to the enterprise compliance team for reporting purposes.
• Maintain awareness of applicable regulatory standards, upstream risks, and industry leading security practices.
• Provide feedback and recommendations on existing and new security tools and techniques for the improvement of analysis, incident investigation and security controls.

• Minimum of 18 months experience as SOC Analyst or Incident Response or Security Operations Centre role.
• Bachelor's degree in information systems or equivalent work experience in relevant information and cyber security domain.
• Security certification from a recognised organisation such as ISC2, CompTIA, ECCouncil, SANS Institute is as advantage.

• Excellent technical knowledge of Microsoft Operating Systems. Knowledge and experience of Linux and Macintosh.
• Extensive knowledge in SIEM monitoring and level 1 triage.
• Technical knowledge of:
• Network traffic and protocol analysis of security events from network devices, firewalls, intrusion detection and prevention systems
• Endpoint Detection and Response solutions
• Endpoint protection and anti-malware solutions
• Identity and access management (IAM) systems
• User access control monitoring systems
• Email and phishing protection
• Security Threat Hunting
• Forensic evidence handling
• Cloud security, such as Azure or AWS
• Awareness of the Mitre ATT&CK framework and how it can be used to learn an adversary’s tactics and techniques and focus incident response.
• Knowledge and understanding of information risk concepts and principles, as a means of relating business needs to security controls.
• Knowledge and experience in developing and documenting security processes and plans.
• Experience with common information security management frameworks, such as International Organization for Standardization (ISO) 2700x and the ITIL, COBIT and National Institute of Standards and Technology (NIST) or Centre for Internet Security (CIS) frameworks.

• Strong analytical thinking skills with strong written and verbal communication and a good attention to detail.
• Ability to manage complex tasks with minimal supervision in team situation and communicate effectively with broad range of individuals.
• A strong internal client focus, with the ability to manage expectations appropriately, to provide a superior internal client experience and build long-term relationships.
• Passionate about security, with a keenness to develop own skills and knowledge outside of working environment.
• Confident in recording and presenting key findings and conclusions to different levels of the business.

AVEVA requires all successful applicants to undergo and pass a comprehensive background check before they start employment.  Background checks will be conducted in accordance with local laws and may, subject to those laws,  include proof of educational attainment, employment history verification, proof of work authorization, criminal records, identity verification, credit check.  Certain positions dealing with sensitive and/or third party personal data may involve additional background check criteria.

AVEVA is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. We value diversity and the expertise that people from different backgrounds bring to our business.
 
Come and join AVEVA to create the transformative technology that enables our customers to engineer a better world.