Senior SOC Analyst - WROCLAW, Polska - AXA Group

Opis

AXA XL has an exciting opportunity for an experienced L3 Senior SOC Analyst to join the Security Operations team, supporting security incident investigations across the organisation's global infrastructure and respond to escalations from the Level 1 and 2 SOC teams. The successful candidate will have a history of successfully managing complex and high severity cyber security incidents. We're looking for candidates with experience in SOC operations and incident response.

DISCOVER your opportunity

What will your essential responsibilities include?

• Take full ownership of incidents escalated by Level 2 analysts.
• Conduct complex investigations and provide advice to L2 SOC analyst.
• Develop customized scripts and procedures to automate repetitive tasks and improve the efficiency of incident response activities.
• Provide expert advice on incident remediation and recovery efforts.
• Develop threat remediation strategies.
• Perform proactive analysis of AXA XL's attack surface and advice on potential threat and attack vectors.
• Review and provide feedback on security control capability gaps based on security intrusion trends.
• Create and refine runbooks/playbooks for all alerts.
• On-board log sources and work on log issues.
• Fine-tune EDR and other tooling to exclude noise and false positives.
• Create and fine-tune content in SIEM - correlation rules, Dashboard and Reports.
• Interact with SIEM, EDR and other SOC tooling vendors (TAC Support) to remediate any issues with tooling.
• Monitor API threat detection, reporting and containments.
• Demonstrate experience in conducting digital forensics investigation relating to incident detection and response.
• Responsible for taking decisions and identifying required actions. During high severity security incidents, you will advise the AXA XL Head of SOC, CISO and CSO on appropriate containment, eradication, and remediation measures.
• Provide an afterhours point of escalation for critical incidents.
• Define the operational roadmap and key metrics for incident detection and response.
• Collaborate with internal stakeholders to align on and implement security incident detection and response processes.
• Develop SOC security incident policies and investigation procedures, for use across multiple information systems and teams.
• Conduct compliance monitoring and perform SOC/SIEM security control testing.
• Analyze, define, and manage the delivery of new SIEM rules.
• Conduct use case testing and modify or create as and when required.
• Create new custom detection rules using KQL.
• Design and implement SIEM and EDR enhancements and configurations.
• Manage and represent the Security Operations team on ethical hack exercises.

You will report within the Security Operations Team, which is part of the AXA XL Information Security team.

SHARE your talent

We are looking for someone who has these abilities and skills:

• Good knowledge of Microsoft Defender and Microsoft Sentinel, including developing complex KQL queries
• Experience of performing digital forensics investigations.
• Experience of developing scripts (Python, and Powershell, etc.) quickly in reaction to incidents.
• Demonstrate experience and knowledge in information security principles applied to architecture, network & systems, digital forensics, security risk assessments and software development).
• Good knowledge and understanding of technologies utilized in cyber security (SIEM, SOAR, Firewalls, IAM, IDS/IPS, Anti-malware, End Point Protection, Database Security, Threat management/intelligence).
• Actionable knowledge of MITRE ATT&CK framework.
• Knowledge of exploitable vulnerabilities and remediation techniques.
• Experience of automating manual processes for responding to security incidents.
• Experience of threat intelligence and CERT/CSIRT activities.
• Knowledge of current threat actor techniques.
• Understanding of threat landscapes and threat modeling, security threat and vulnerability management, and security monitoring.
• Awareness of tools and techniques used by attackers to enter corporate networks, including common IT system flaws and vulnerabilities.
• Excellent troubleshooting and critical thinking skills.
• Experience in SOC documentation development.
• Demonstrated experience in communicating complex security concepts, both verbally and in writing, to a variety of audiences.
• Must take ownership of tasks and demonstrate high degree of autonomy to ensure completion.
• Must be personable and foster good stakeholder and peer group working relationships.
• · Certifications such as CISSP, GIAC, CEH or other.

FIND your future

AXA XL, the P&C and specialty risk division of AXA, is known for solving complex risks. For mid-sized companies, multinationals and even some inspirational individuals we do not just provide re/insurance, we reinvent it.

How? By combining a comprehensive and efficient capital platform, data-driven insights, leading technology, and the best talent in an agile and inclusive workspace, empowered to deliver top client service across all our lines of business − property, casualty, professional, financial lines and specialty.

With an innovative and flexible approach to risk solutions, we partner with those who move the world forward.

Learn more at

Inclusion & Diversity

AXA XL is committed to equal employment opportunity and will consider applicants regardless of gender, sexual orientation, age, ethnicity and origins, marital status, religion, disability, or any other protected characteristic.

At AXA XL, we know that an inclusive culture and a diverse workforce enable business growth and are critical to our success. That is why we have made a strategic commitment to attract, develop, advance and retain the most diverse workforce possible, and create an inclusive culture where everyone can bring their full selves to work and can reach their highest potential. It is about helping one another — and our business — to move forward and succeed.

• Five Business Resource Groups focused on gender, LGBTQ+, ethnicity and origins, disability and inclusion with 20 Chapters around the globe
• Robust support for Flexible Working Arrangements
• Enhanced family friendly leave benefits
• Named to the Diversity Best Practices Index
• Signatory to the UK Women in Finance Charter

Learn more at AXA XL is an Equal Opportunity Employer.

Sustainability

At AXA XL, Sustainability is integral to our business strategy. In an ever-changing world, AXA XL protects what matters most for our clients and communities. We know that sustainability is at the root of a more resilient future. Our Sustainability strategy, called "Roots of resilience", focuses on protecting natural ecosystems, addressing climate change, and embedding sustainable practices across our operations.

Our Pillars:

• Valuing nature: How we impact nature affects how nature impacts us. Resilient ecosystems - the foundation of a sustainable planet and society – are essential to our future. We are committed to protecting and restoring nature – from mangrove forests to the bees in our backyard – by increasing biodiversity awareness and inspiring clients and colleagues to put nature at the heart of their plans.
• Addressing climate change: The effects of a changing climate are far reaching and significant. Unpredictable weather, increasing temperatures, and rising sea levels cause both social inequalities and environmental disruption. We are building a net zero strategy, developing insurance products and services, and mobilizing to advance thought leadership and investment in societal-led solutions.
• Integrating ESG: All companies have a role to play in building a more resilient future. Incorporating ESG considerations into our internal processes and practices builds resilience from the roots of our business. We're training our colleagues, engaging our external partners, and evolving our sustainability governance and reporting.
• AXA Hearts in Action: We have established volunteering and charitable giving programs to help colleagues support causes that matter most to them, known as AXA XL's "Hearts in Action" programs. These include our Matching Gifts program, Volunteering Leave, and our annual volunteering day – the Global Day of Giving.

For more information, please see