Job Description

Locations

• BUDAPEST, HU, India (Remote)

Salary

Skills Required

• Solid understanding of cyber kill chain, MITRE ATT&CK, and incident responseintermediate
• Proficiency with SIEM (Microsoft Sentinel)intermediate
• Proficiency with EDR (CrowdStrike)intermediate
• Proficiency with SOAR automation workflowsintermediate
• Hands-on experience with e-mail securityintermediate
• Hands-on experience with sandboxingintermediate
• Hands-on experience with phishing analysisintermediate
• Knowledge of malware behaviorintermediate
• Knowledge of threat intelligence sourcesintermediate
• Knowledge of IOC enrichmentintermediate
• Strong analytical skillsintermediate
• Strong investigative skillsintermediate
• Ability to handle complex casesintermediate
• Effective communication with technical and non-technical stakeholdersintermediate

Required Qualifications

• Bachelor’s degree in IT, Cybersecurity, or related field (experience)
• Security certifications (e.g., GIAC GCIH, Microsoft SC-200, CySA+, or similar) (experience)
• 2–5 years of SOC analyst or incident response experience (experience)

Responsibilities

• Validate escalations from L1 and ensure incident creation is accurate
• Analyse complex e-mail cases or hotline escalations that fall outside SOPs
• Conduct advanced phishing/malware analysis using sandboxing, threat intelligence, and enrichment tools
• Provide verdicts and tailored communication to end users beyond template responses
• Identify phishing campaigns, recurring indicators, and suggest proactive blocking measures
• Perform in-depth triage and investigation of CrowdStrike incidents
• Correlate alerts with endpoint telemetry, network data, and threat intelligence
• Take pre-approved remediation actions via Logic Apps
• Conduct root-cause analysis on recurring incidents
• Propose whitelist/blacklist updates to reduce false positives
• Analyse suspicious e-mails flagged by EOP, including attachment and URL analysis
• Define and initiate mitigation measures (IoC blacklisting, proxy blocking, sandbox validation)
• Classify incident severity and escalate critical events to CDC
• Provide intelligence reporting on evolving e-mail threats
• Independently analyse SIEM alerts, correlate across data sources, and enrich with TI feeds
• Conduct root-cause analysis and propose detection improvements
• Take pre-approved remediation actions using automation playbooks
• Provide prioritization and trend analysis reports to Client CDC
• Collaborate with engineering to enhance detection rules and SOPs
• Mentor L1 analysts by providing feedback and training

Benefits

• general: Opportunity to learn and develop career
• general: Encouragement to be courageous and experiment
• general: Continuous trust and support in an inclusive environment
• general: Flexible working patterns
• general: Equal-opportunity employment

Tags & Categories