AVEVA is a global leader in industrial software. Our cutting-edge solutions are used by thousands of enterprises to deliver the essentials of life – such as energy, infrastructure, chemicals and minerals – safely, efficiently and more sustainably.
We’re the first software business in the world to have our sustainability targets validated by the SBTi, and we’ve been recognized for the transparency and ambition of our commitment to diversity, equity, and inclusion. We’ve also recently been named as one of the world’s most innovative companies.
If you’re a curious and collaborative person who wants to make a big impact through technology, then we want to hear from you! Find out more at AVEVA Careers.
For more information about our privacy policy and how to manage cookies, visit our Privacy Policy.
Job Overview
We are seeking a highly skilled and motivated Senior SOC Analyst to join our dynamic team. As a Security Operation Centre (SOC) Analyst, will play a crucial role in safeguarding our organization's IT infrastructure and data from cyber threats. Working alongside a talented team, the analyst will have the opportunity to monitor and analyse security events, identifying and responding to potential risks in real-time.
In this pivotal role, the analyst will be at the forefront of protecting AVEVA information system assets, ensuring the confidentiality, integrity, and availability. Their expertise will be essential in identifying and solving potential and actual security problems, implementing proactive measures to enhance AVEVA overall security posture.
What sets this position apart is the around-the-clock vigilance that the analyst will bring to the table. With 24x7 monitoring, the analyst will be responsible for maintaining continuous protection of our organization. This level of dedication and commitment is not only rewarding but also crucial in today's ever-evolving threat landscape.
Roles and Responsibilities
Primary Duties
Ready to work in 24/7 shift timing.
Excellent communication (written and oral) and interpersonal skills
Monitor security systems and networks for suspicious activity.
Validating alert triggered by security information and event management (SIEM) tools.
Triage events and investigate to identify security incidents.
Investigate security incidents and determine their severity.
Contribute to incident response, maintaining relevant communication and information in emails, ticket summaries, analysis and reporting.
Escalate security incidents to the next level for further investigation.
Make recommendations for ongoing tuning and updates to the SIEM system.
Creating/update workflow in alert triage.
Participate in security audits and compliance reviews.
Keep up with the latest security threats and trends.
Perform incident response using AVEVA defined Security Incident Response framework such as NIST.
Provide regular reports to management on the state of the organization's security.
Reports to Digital Forensic and Incident Response Manager concerning security events, incident trends, residual risk, vulnerabilities, and other security exposures, including misuse of information assets and noncompliance.
Additional Duties
Under the guidance of SOC Team Lead:
Assist with control improvements to identify control weaknesses and contributes to vulnerability advisories.
Participates in security investigations and compliance reviews, as requested by internal or external auditors.
Assisting with audit finding remediation, action plans. track progress and provide status updates to the enterprise compliance team for reporting purposes.
Maintain awareness of applicable regulatory standards, upstream risks, and industry leading security practices.
Provide feedback and recommendations on existing and new security tools and techniques for the improvement of analysis, incident investigation and security controls
Qualifications/Experience
Educational Qualifications
Minimum of 3 years of experience as SOC Analyst or Incident Response or Security Operations Centre role.
Bachelor's degree in information systems or equivalent work experience in relevant information and cyber security domain.
Security certification from a recognised organisation such as ISC2, CompTIA, ECCouncil, SANS Institute is as advantage.
Technical Competency and Experience
Excellent technical knowledge of Microsoft Operating Systems. Knowledge and experience of Linux and Macintosh.
Extensive knowledge in SIEM monitoring and level 1 triage.
Technical knowledge of:
Network traffic and protocol analysis of security events from network devices, firewalls, intrusion detection and prevention systems
Endpoint Detection and Response solutions
Endpoint protection and anti-malware solutions
Identity and access management (IAM) systems
User access control monitoring systems
Email and phishing protection
Security Threat Hunting
Forensic evidence handling
Cloud security, such as Azure or AWS
Awareness of the Mitre ATT&CK framework and how it can be used to learn an adversary’s tactics and techniques and focus incident response.
Knowledge and understanding of information risk concepts and principles, as a means of relating business needs to security controls.
Knowledge and experience in developing and documenting security processes and plans.
Experience with common information security management frameworks, such as International Organization for Standardization (ISO) 2700x and the ITIL, COBIT and National Institute of Standards and Technology (NIST) or Centre for Internet Security (CIS) frameworks.
Occupational Personality
Strong analytical thinking skills with strong written and verbal communication and a good attention to detail.
Ability to manage complex tasks with minimal supervision in team situation and communicate effectively with broad range of individuals.
A strong internal client focus, with the ability to manage expectations appropriately, to provide a superior internal client experience and build long-term relationships.
Passionate about security, with a keenness to develop own skills and knowledge outside of working environment.
Confident in recording and presenting key findings and conclusions to different levels of the business.
AVEVA requires all successful applicants to undergo and pass a comprehensive background check before they start employment. Background checks will be conducted in accordance with local laws and may, subject to those laws, include proof of educational attainment, employment history verification, proof of work authorization, criminal records, identity verification, credit check. Certain positions dealing with sensitive and/or third party personal data may involve additional background check criteria.
AVEVA is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. We value diversity and the expertise that people from different backgrounds bring to our business.
Come and join AVEVA to create the transformative technology that enables our customers to engineer a better world.