Global Security Ops Center - Level 2 Analyst

WTW
Full-time
On-site
Portugal

📅 Apply Before: 10/05/2024

🤔 About the Company WTW is a top-rated advisory, broking, and solutions company that helps clients around the globe turn risk into chances for growth. WTW has a long history in the insurance industry, dating back to 1828, with notable milestones like the Titanic and the Moon Buggy. The WTW Regional Delivery Hub in Lisbon boasts a global team of over 175 individuals who ensure operational excellence through innovative and streamlined solutions daily.

💼 The Role The Global Security Ops Center (SOC) Level 2 Analyst plays a key role in ensuring the security of WTW's operations. You will be responsible for:

  • 🔎 Incident Investigation: Examining alerts, security incidents, and looking for potential security issues through log analysis and tools like SIEM, UEBA, and EDR.
  • ⏱️ Swift Response: Ensuring a timely response to cyber incidents to minimize business impact, including working with other technical teams and business areas.
  • ⏫ Escalation Point: Being the primary escalation point for complex incidents, conducting investigations, and initiating containment actions.
  • ⚠️ Critical Escalation: Escalating high-priority or severe alerts/incidents to the escalation team according to established procedures.
  • 💾 Data Integrity: Safely collecting and preserving the integrity of cybersecurity data for incident analysis to understand the technical/operational impact, root causes, scope, and incident nature.
  • 🤝 Level 1 Support: Serving as an escalation point to provide process and technical guidance to Level 1 analysts.
  • 🔄 Workload Management: Managing shift workloads to ensure they are assigned and handled in line with KPI targets.
  • 📝 Shift Reporting: Preparing and sending end-of-shift reports to the leadership team.
  • 🔄 Handover Management: Documenting, attending, and leading handover calls to communicate updates, unassigned tickets, tasks, and ongoing incident investigations to the next shift.
  • ✅ Quality Assurance: Performing quality audits of Level 1 tickets to confirm incidents were handled according to established processes.
  • ⚙️ Alert Tuning: Suggesting alert tuning to minimize false positives and enhance the business's security posture.
  • 📚 Knowledge Base: Regularly contributing to the SOC playbooks and knowledge base with investigation findings, including attacker tools, tactics, and procedures, for future investigations.
  • 🤝 Team Training: Assisting in training new joiners or colleagues to develop their skills.

🔎 What We’re Looking For

  • 🤝 Team Player: You'll be a part of a 24/7 SOC across multiple locations, so you need to be a strong team player who can engage with internal stakeholders and colleagues to provide exceptional service and support.
  • 🛡️ Cybersecurity Experience: 4-7 years of experience in a mature cyber defense center or security operations center.
  • 🧠 Problem-Solving: Excellent troubleshooting skills, the ability to research problems, and effective communication during stressful situations while remaining calm and friendly with stakeholders and colleagues.
  • ⏱️ Time Management: Solid time management skills and dependability.
  • 🧰 Security Tools: Hands-on experience with SIEM, UEBA, and EDR as a Level 2 security analyst.
  • 🗣️ Communication: Strong verbal and written communication skills, including the ability to write structured reports.
  • 🎓 Education: BSc/MSc in a security field or equivalent experience in a security-related role.
  • 🧠 Learning: A curious mind with a strong sense of personal responsibility for learning and self-development.
  • 🎯 Attack Techniques: Ability to identify common attack techniques within the context of specific technologies.
  • 💻 Networking: Working knowledge of networking protocols/technologies (e.g., TCP, IP, HTTP/HTTPS).
  • 💻 Operating Systems: Working knowledge of Unix, Linux, and Windows operating systems.

➕ Nice-to-Have

  • 🛡️ Security Certifications: Relevant security certifications (SSCP, OSCP, Security+, CySA+, etc.).
  • 💻 Network Certifications: Relevant network certifications (Network+, CCNA, etc.).
  • 💻 IT Knowledge: Knowledge of other key IT areas (e.g., web applications, databases, Active Directory, network security systems like web proxies, firewalls, and data loss protection).
  • ⚔️ Attack/Penetration Testing: Exposure to attack and penetration methods and tools.
  • 💻 Scripting/Tools: Working knowledge of scripts, tools, or methodologies to enhance incident investigations and processes (e.g., Python, PowerShell).

🎁 What’s in it for you?

At WTW, you'll be part of a professional, friendly, and relaxed environment in an office located in a growing European capital. Join a team of dynamic and inspiring colleagues!

We offer a compelling compensation package, including:

  • ⚖️ Work-Life Balance: Hybrid working, flexible hours.
  • 💰 Compensation: An attractive, performance-based pay structure.
  • 🌎 Internationality: Work within a global management consultancy with a secure position in a large corporation with recognized clients.
  • 📈 Growth: A steep learning curve and ample freedom for individual career growth.
  • 🤝 Collaboration: A supportive, appreciative, and dynamic environment where you learn from your colleagues and make decisions together.
  • 🤝 Customer Interaction: Quickly take on responsibility.
  • 🎉 Company Events: Celebrate successes and community together.

Willis Towers Watson is an equal opportunity employer.

Job Category: Technology Support

Job Schedule: Full time

Job Title: Global Security Ops Center - Level 2 Analyst - Hybrid (Lisboa, Portugal)