date 2024-02-16
Security Analyst (Security Operations Team)
This is our Security Analyst role for those who strive to implement functional processes and drive them to full completion.
Tasks in the role
Responding to security incidents, investigating and analyzing them, and coordinating with other teams, such as IT, network operations, and management, to ensure a timely and effective response to security incidents.
Developing and refining SIEM correlation rules, designing and maintaining playbooks, configuring any necessary exceptions, and documenting all changes and implementations for future reference.
Conducting research on emerging threats, vulnerabilities, and security technologies, preparing analytical research and potential risk assessments.
Working with vulnerability analytics to identify potential vulnerabilities, analyze their impact, and prioritize remediation actions.
Who we are looking for
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
Minimum one year of experience as an L1/L2 SOC Analyst or any other similar role with a focus on Security/IT operations and incident response.
Understanding of the basic principles of security, experience with the tactics and techniques used by attackers, main attack vectors, and methods to detect them (OWASP TOP10, CVE, MITRE ATT&CK).
Knowledge of essential security measures for web applications, including setting appropriate cookie security flags to protect against attacks and understanding the Same-Origin Policy to restrict unauthorized interactions. Familiarity with XHR and CORS.
Basic understanding of prevalent web security threats, such as Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and SQL injection. Ability to recognize them in application logs/payloads.
The ability to respond to and investigate moderately complex incidents with playbooks, which require communication with other teams.
Can perform complex analytical tasks requiring research from multiple, unclear information data sources.
Familiar with modern development workflows, understanding terms like repository, library, and pipeline. Knows what Git, Ansible, and Docker are.
Understands the basics of log collection and has experience in developing correlation rules (preferably in Splunk).
It is crucial for an analyst to take initiative, make decisions, and solve problems without constant supervision. We expect that you can at least plan your day and prioritize tasks.
As a SOC Analyst, effective communication is key. You need to ask questions and sometimes explain complex security issues to colleagues, employees, and to people who may not be tech-savvy.
The cybersecurity landscape is continuously evolving, with new threats and vulnerabilities emerging constantly. Therefore, it's essential to have a strong ability to learn and process new information on a daily basis.
They say there are no perfect candidates, but that might well be you, if
You have experience with vulnerability management, which is greatly advantageous, as it boosts your superhero powers to spot and squash potential security threats.
Having experience in finding and exploiting vulnerabilities through penetration testing or code reviews is like being a detective in a mystery novel, but instead of looking for the murderer, you're looking for the "bug"ger.
If you've navigated through significant security incidents before, that's a notable achievement! After all, you've already danced with the flames and lived to tell the tale.
Knowing Python and automation skills is like having a secret decoder ring for machine language. If you want to survive the upcoming AI revolution, you better start speaking their language.
Since we're on the defense, being familiar with Threat Intelligence (TI) is beneficial. It's like playing hide and seek but knowing all the hiding spots before the game even starts.
You share our common values: Trust, as we prefer to speak up and be our true selves; Sense of Ownership, as it’s not worth wasting time on something you don’t believe in; and enthusiasm for Constant Change, as we are always looking to make things better.
A bit about the team
You can get to know the team better at one of the interviews, but some brief information about future colleagues will be useful now.
We are an actively growing security team using modern security approaches and tools. We are proud of the high level of responsibility and results of our work. It motivates us to grow and contribute more to the company's success!
Semrush Security Department contains:
Application Security Team
Infrastructure Security Team
Enterprise Security & Compliance Team
Security Operations Team
As Semrush continues to grow, so does our demand for simplifying and automating workflows to meet the needs of our internal teams, partners, and external users.
