Devoteam Cyber Trust | SOC Analyst | Banking Sector

Devoteam Cyber Trust is the Cybersecurity specialist arm of the Devoteam Group. With our 800+ experts located across EMEA, we aim to establish cybersecurity as an enabler of business success rather than a gatekeeper. We leverage an end-to-end approach to Cyber Resilience, Applied Security, and Managed Security services to secure the tech journey of large and medium-sized companies from all sectors and industries.

Since 2009, previously known as INTEGRITY, our team based in Portugal is specialised in providing cutting-edge Managed Security Services that combine its expertise and proprietary technology to consistently and effectively reduce the cyber risk of our clients.

The comprehensive service range includes Persistent Intrusion Testing, ISO 27001, PCI-DSS, GRC Consulting and Solutions, and Third-Party Risk Management. ISO 27001 (Information Security) and ISO 9001 (Quality) certified, PCI-QSA, and member of CREST and CIS - Centre for Internet Security, we provide services to a considerable number of clients, operating in more than 20 countries.

We are currently looking for a SOC Analyst for a project in the Banking area.

• Be operational on the security tools used in the client and master the architectures in place.
• Solid knowledge in most of the following technical areas is required, keeping in mind that no one is an expert in every topic.
• Have advanced problem-solving skills and a background in cybersecurity engineering.

The candidate will play a key role in threat analysis, incident response, and knowledge transfer within the Security Operations Center (SOC), acting as a reference point for technical expertise and incident investigation.

1. Analysis

• Improve and optimize correlation and log analysis rules using Splunk.

• Investigate alerts across various Tactics, Techniques, and Procedures (TTPs).

• Prioritize incidents, conduct compromise assessments, and implement blocking actions.

• Perform first-level scans of malicious code using sandbox or manual analysis.

1. Incident Response

• Communicate and escalate confirmed incidents to senior management.

• Lead technical investigations during incidents, supporting junior SOC analysts.

• Conduct retro-hunting, qualifying and analyzing findings to determine cause, attack methodology, exploited vulnerabilities, and scope of compromise.

1. Knowledge Transfer

• Document investigation processes, findings, and best practices.

• Provide training and mentoring to less experienced SOC analysts.

• > 5 years of experience as a SOC Analyst
• Knowledge of the operating principles of Information Monitoring and Security Event Solutions (SIEM).
• Good experience of Splunk and Regex search syntax.
• Good experience of the Hive
• Good knowledge of network and system architectures
• Knowledge of the operation of intrusion detection probes and event log correlation tools
• Good knowledge of Mitre Attack framework and counter measures link to the technics and tactics
• Good knowledge of Information monitoring and analysis tools and methods.
• Good knowledge of the security standards for different technologies (web servers, messaging, database, DNS, proxy, firewall, etc.)
• Web application vulnerabilities
• Malware types (rootkit, ransomware, botnet, etc.)
• Obfuscation and persistence technics (cryptography, packing, etc.).
• Digital investigation/analysis tools
• SandBox behavioral
• Good level of English

The Devoteam Group works for equal opportunities, promoting its employees based on merit and actively fights against all forms of discrimination. We are convinced that diversity contributes to the creativity, dynamism and excellence of our organization. All of our vacancies are open to people with disabilities.