Principal SOC Analyst, Rijswijk

Department:

Cyber Services and Capabilities

Location:

NLD Rijswijk

Description Your Role as a Principal SOC Analyst

Location: Rijswijk (3 days per week onsite)

In short: This position is a critical role within the organization, serving as the technical lead for our SOC and primary point of contact for potential security incident escalation during significant incidents or crisis situations. This involves close collaboration with our Senior Management and Senior Analysts. The role also includes providing guidance and mentorship to junior staff members, fostering their growth and development within the organization. As an escalation point for Senior Analysts, this role requires a high level of technical skill, commitment and availability.

A key part of the role is contributing to the continuous business development opportunities within Global Management Solutions (GMS). This involves staying abreast of emerging threats and vulnerabilities in the cybersecurity landscape and ensuring that all analysts within the Security Operations Centre are adequately trained to handle these threats.

The role requires a deep technical understanding of various security systems, including IDS/IPS, Full Packet Capture devices, Firewall, DDoS detection and mitigation, availability and SIEM platforms. This is crucial for identifying potential threats, vulnerabilities, and indicators of compromise.

An important aspect of the role is serving as a technical escalation point for incidents. This includes functioning as an incident handler during high-priority incidents and providing incident remediation and prevention documentation and recommendations to customers.

You will be the technical lead in the SOC, and responsible for our Continuous Improvement processes, procedures and documentation. The role also involves developing new processes related to security monitoring procedures and delivering customer service that consistently exceeds customer expectations, in close collaboration with our Product Management team.

Finally, the role serves as an escalation point for all members of the Cyber Monitoring team, offering assistance and mentorship as necessary.

Key Responsibilities

Serve as the technical conscience of the SOC

Represent the SOC in Service Activations

Quality assurance processes&procedures and Continuous Improvement of the SOC

Act as the principal point of contact for potential security incident escalation during significant incidents or crisis situations, in collaboration with the Computer Incident Response Team (CIRT), Senior Management, and Senior Analysts

Offer guidance and mentorship to junior staff members

Act as a functional team lead and escalation point for Senior Analysts

Contribute to the continuous business development opportunities within Global Management Solutions (GMS)

Maintain an advanced understanding of emerging threats and vulnerabilities

Develop and maintain training plans for all analysts within the Security Operations Centre

Foster collaborative relationships with internal stakeholders and clients, with a strong emphasis on growth

Document and develop new processes related to security monitoring procedures

Deliver customer service that consistently exceeds customer expectations

Serve as an escalation point for all members of the SOC team, offering assistance and mentorship as necessary

Skills, Knowledge&Expertise Minimum Requirements

Minimum HBO working/thinking level

Experience within a SOC Senior Analyst role

Previous experience working in a technical client facing capacity within a SOC

Desirable Requirements

Splunk Certified Power User/Advanced Power User

CompTIA Certifications (Security+, Network+, Linux+, Cloud+)

Crest, GIAC or CISSP Certification

Degree in related field

Understanding of compliance standards&frameworks

Other relevant certifications

Behaviors

Working Hours: The working hours are 0900-1730hrs Mon-Fri, and you would be expected to be working and contactable throughout those times. You will be asked to be part of our on call roster, which requires 24/7 availability once every 6 weeks.

Professionalism: Conduct yourself with professionalism, integrity, and ethical behaviour in all interactions and situations.

Proactive: Demonstrate a proactive approach to process improvement and process creation, ensuring conformity to the standards of the MXDR SOC.

Collaboration: Work well within a team environment, communicating effectively with colleagues from different departments and sharing insights to improve security posture.

Adaptability: Embrace changes in technology and processes, adapting to new challenges and learning quickly in a dynamic security landscape.

Job Benefits

A good salary that matches the things you have already done and will do

Flexible working hours and flexibility in working from home or at the office

A favorable pension scheme, 26 vacation days (+4 mandatory days off), and 8% holiday pay with a full-time contract

Plenty of development opportunities: training, TechTalks, events, and our Fox Academy

A laptop and business phone. If you use your own phone, you will receive a reimbursement of up to€25 per month

A remote work allowance (for hybrid working)

A performance bonus and profit sharing

When we work in the office, we gather every day for a delicious lunch

Visa sponsorship: Please note we are currently unable to sponsor visas for this position.

Application note: We review every application and will contact you if your knowledge and work experience match what we are looking for. If you do not hear from us within 10 days, please do not be disappointed; we will keep your CV in our database for potential future vacancies.

Data privacy: All personal data is stored in accordance with the NCC Group's privacy policy. We are committed to diversity and flexibility in the workplace. If you need any adjustments during the application process, please let us know.

#J-18808-Ljbffr