Security Operations Centre (SOC) Analyst
Location:
The Hague, the Netherlands
Security Clearance:
EU Secret
Reference No:
VS/ATO-11 / The Hague
Deadline for Application:
29.06.2026
Skills, knowledge, experience required:
- Experience as a Security Operations Centre Analyst;
- Minimum 1 year of experience in using, configuring, and tuning a security information and event management (SIEM) tool, ideally Splunk and/or ArcSight;
- Experience with a log management solution such as HP ArcSight Logger and/or Splunk or equivalent;
- Experience in writing and optimizing IDS signatures (preferably Snort and/or Suricata);
Knowledge of:
Network security solutions and technologies such as:
- Firewalls;
- Network intrusion detection systems (IDS);
- Intrusion prevention systems (IPS);
- Host-based security solutions:
- Host-based intrusion prevention systems (HIPS);
- Malware end-point protection;
- Operating system logs;
Good knowledge of:
- MS Windows security events analysis;
- Security analysis of firewall, proxy, and IDS logs;
- Excellent analytical and critical thinking skills;
- Very good interpersonal skills with the ability to work well both independently and in a team;
- High degree of commitment and flexibility;
- High level of customer and service orientation;
- Ability to work effectively in an international and multi-cultural environment;
- Readiness to work in a 24/7 shift mode;
- Very good communication skills in English, verbally and in writing.
Desirable:
- Experience in writing and optimizing YARA rules.
Duties/role:
- Acting as the 1st line of response to a potential cyber-attack or security incident, supported by several automated tools such as IDS, log correlation engines and SIEM, a ticketing system, and alerts and warnings from internal and external sources;
- Receiving, triaging, and responding to alerts, requests, and reports;
- Analysing events and potential incidents;
- Providing the primary support for Incident Responders;
- Assessing whether a security incident or the level of exposure of a vulnerability is a true or false positive, tagging the vulnerability or incident with an initial severity classification, and activating the corresponding incident response playbook entry;
- Following pre-defined procedures to perform technical tasks related to identity and access management (IAM).
Additional information:
If you are interested, for further information, please contact the point of contact for this offer.
VECTOR SYNERGY sp. z o.o., ul. Marcelińska 90, 60-324 Poznań, NIP PL7811857270, REGON 301575740, KRS: 0000369575
Register of Entrepreneurs of the National Court Register (KRS) maintained by the District Court Poznań – Nowe Miasto i Wilda in Poznań, 8th Commercial Division of the KRS, share capital: 73.852,80 zlotys, fully paid up, TEL +48 616684500, FAX +48 616684501, www.vectorsynergy.com