Syntax is a leading Managed Cloud Provider for Mission Critical Enterprise Applications and has been providing comprehensive technology solutions to businesses of all sizes since 1972. Syntax has undisputed strength to implement and manage ERP deployments (Oracle, SAP) in a secure and resilient private, public or hybrid cloud. With strong technical and functional consulting services, and world-class monitoring and automation, Syntax serves some of North America’s largest corporations across a diverse range of industries. Syntax has offices worldwide, and partners with Oracle, SAP, AWS, Microsoft, IBM and other global technology leaders.
Analyst Tier 1 is responsible for managing the Alert queue for their designated team. This includes ensuring that alerts are processed within the SLA designated in the customer contract as well as ensuring communication for escalations is handled to the appropriate member of the SOC organization or appropriate customer or internal organization according to established style guides.
The analyst is expected to document and communicate a basic level of descriptive analysis indicators to assist customers and incident responders in reducing the dwell time of threats in the customer's environment as well as assisting in reducing then overall risk to the organization and customers. Analysts are also expected to begin developing their own processes and workflows which can assist in refining and improving SOC functions.
The analyst will develop an understanding of developing and maintaining threat models to assist in threat intelligence collections and threat hunts as well as use case development to disrupt adversarial activity more effectively. Additionally, that analyst will be mentored by senior analysts and team specialists to assist in developing a foundational understanding of Vulnerability Management, Cyber Threat Intelligence and Threat Hunting, Incident Response and Threat Emulation, as well as packet analysis and the fundamentals of Forensic Collections and Analysis.
Competencies
An analyst 1 candidate should be able to demonstrate competency in the following areas:
- Basic skill and understanding of IT systems and Processes
- Ability to learn quickly and follow basic instructions
- Communicate effectively and quickly
- Operate under pressure and time constraints
- Establish effective workflows to manage time and effort
- Ability to ask questions to clarify and the ability to perform research
Analyst 1 candidates should also demonstrate the following characteristics:
- Team player able to work remotely in a global distributed and multi-cultural team in different time-zones.
- “Can-do-it” attitude
- Kindness, ability to work with people, good communication and interpersonal skills.
Role & Responsibilities
- SIEM Alert Analysis: Monitor and investigate alerts generated by the SIEM platform, ensuring timely identification of potential security incidents. Analyze alerts to determine their validity, severity, and impact, and escalate as necessary.
- Incident Triage: Conduct initial triage of security events and incidents to assess their potential risk. Collaborate with senior analysts to prioritize and categorize incidents for further investigation or resolution.
- Security Fundamentals: Adhere to established security protocols, guidelines, and best practices to maintain the confidentiality, integrity, and availability of systems and data. Apply fundamental security principles to daily activities.
- Threat Detection: Assist in the identification of potential security threats by monitoring network and system logs, as well as analyzing data from various security tools. Report anomalies or suspicious activities to senior analysts.
- Documentation: Maintain accurate and thorough documentation of all security incidents, alerts, and investigation findings. Contribute to the development and enhancement of standard operating procedures (SOPs) and playbooks.
- Collaboration: Collaborate with cross-functional teams, including IT, network operations, and incident response teams, to ensure effective communication and coordinated responses to security incidents.
- Continuous Learning: Stay current with emerging cybersecurity threats, vulnerabilities, and attack techniques. Continuously improve knowledge and skills related to cybersecurity through training and self-study.
- Shift Operations: Adhere to assigned shift schedules and provide timely handover to the next shift. Respond to incidents and alerts in a 24/7 operational environment.
Education & Languages
- Good English written and spoken level is required as working in an international team. Documentation and meetings are done in English.
- Desirable Comptia, Microsoft, EC Council or other related certifications
Why Syntax?
Become a part of our success story and work in a company with exciting innovation projects that are causing a stir across the industry. We recently launched one of the world's most advanced manufacturing facilities based on SAP S/4HANA Cloud and SAP Digital Manufacturing Cloud for Execution - for Smart Press Shop, a pioneering joint venture between Porsche and forming specialist Schuler.
- Competitive, above-average compensation
- Global tourist: With us, you can also work from abroad from time to time
- Flexible working time models, home office
- Attractive benefits, e.g. company pension scheme or various health offers
- A modern environment in which the "you" is part of it
- Open feedback culture, flat hierarchies and a motivated team
- Individual career planning with continuous training and coaching on the job
You see a personal challenge in this responsible task? Apply now - and become part of the SYNTAX team!
