SOC Analyst / Security Operations Analyst

We're CyberOwl, a dynamic venture capital backed start-up that operates globally with colleagues based in the UK, Greece, Singapore, Malaysia, Poland and Portugal.
CyberOwl helps maritime and CNI asset operators gain visibility, cybersecurity and compliance of systems on their distributed, remote assets. We work with ship owners and managers where our technologies provide near-real-time visibility of the onboard IT and OT assets and their communication patterns, raises early warning of cyber-attacks, suspicious behaviors and monitors for non-compliance. We complement this with a managed service (SOC) and specific cybersecurity advisory services to further support the asset operator.
Our team is 40+ Owls strong and always growing. We’re expecting another significant growth phase imminently. We’re recognised as market innovators - we have a bias for action and our team pride themselves on their ability to plan, execute and iterate at a rapid pace. We value the ability to challenge each other, hold each other to account, develop each other personally and professionally and celebrate each other’s successes. We’re adopting OKRs to drive performance and ensure we align as a business. We celebrate diversity with 13 nationalities, 17 languages, many more dialects – and lots of owls. We are spread across 2 continents and 6 countries.

The Role:

The L2 SOC Analyst will work alongside our team of security analysts in Asia and Europe on delivering and improving our service to customers. The individual will work with our global Head of SOC, the Asia Lead SOC Analyst and other Security Analysts along with other employees and contractors of the Company as required. The role requires the L2 SOC analyst to monitor for, and analyse malicious or anomalous behaviour across our customer environments, threat hunting, producing customer reports and attending online customer facing meetings.

The L2 SOC analyst will also provide support to other internal teams in the development of our security products and supporting the SOC in the maturation and tuning of existing toolsets.

Shift pattern

In order to support and liaise with our EMEA based team and support customers globally, we will be implementing a 24x7 capability, covering the hours of 7am to 11pm and weekends on rotation within the SOC.

Duties

● Supporting the work of the UK Lead Security Analyst and Global head of SOC
● Assessing threats, vulnerabilities and network asset behaviour for indicators of suspicious activity/abnormality
● Report generation for customers
● Attend and present at customer meetings when required
● Responding to and investigating alerts raised by proprietary tool sets
● Performing detailed analysis of the data captured by monitoring systems
● Working with the development team to develop and maintain the threat indicator modules within the products' software architecture
● Contributing to the strategy and execution of our security intelligence centre of excellence
● Supporting the leadership team with defining and executing a threat indicator research and development roadmap
● Supporting the UI/UX and front-end developers with providing knowledge or conducting research into incident detection, remediation and prevention processes
● Supporting other Company employees or working directly with customers and partners on delivery of the products and services
● Attending, presenting or representing the Company at cyber security or other related conferences, exhibitions and workshops and at meetings with potential customers or partners, as directed by the Manager or other members of the leadership team
● Keeping up to date on technology, tools and trends in the cyber threats and security domain Supporting the leadership team with building and growing the Company

● Working effectively as part of our SOC team
● Striving to understanding our customers’ needs to help us maximise the value we deliver.
● Facilitating effective collaboration and communication between teams

Essential Skills

● Experience working in a SOC
● Knowledge of Windows OS
● Basic networking knowledge
● Experience working with a SIEM
● An understanding of the cyber security risks associated with various technologies and ways to manage them
● Verbal communication skills, including presentation skills, with an ability to communicate with a range of technical and non-technical team members and other relevant individuals
● Written communication skills & the ability to write technical reports.
● Time-management and organizational skills to manage a variety of tasks, prioritise workload and meet deadlines

Desirable skills, experience and tools

The ability to speak Mandarin would be highly advantageous

● Knowledge or Certification in Industrial control systems / CNI
● Demonstrable knowledge of at least one scripting or programming language would be desirable
● Experience with Kibana
● Experience with Elastic

Behaviours
● Facilitate internal communication and effective collaboration
● Resolve conflicts and remove obstacles that occur
● Be obsessed with delighting clients and delivering quality
● Demonstrate innovativeness and resourceful.
● Be comfortable working in a start-up environment and thrive on change.
● Be methodical with an aptitude for analytical thinking and an eye for detail.
● Be inquisitive and questioning. Be open minded and learn from those around you.

Equality Diversity & Inclusion

In addition to a competitive base salary we also offer employee equity, flexible benefits, death in service benefit and access to professional mentoring, coaching and learning & development. We will soon be introducing medical benefits. We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation, gender, marriage/civil partnerships, pregnancy, maternity or age.