SOC ANALYST L2

Get the future you want with Capgemini💙Who are we?🌍Capgemini is a global leader in partnering with companies to transform and manage their business by harnessing the power of technology. The Group is guided everyday by its purpose of unleashing human energy through technology for an inclusive and sustainable future. It is a responsible and diverse organization of 300,000 team members in nearly 50 countries. With its strong 50-year heritage and deep industry expertise, Capgemini is trusted by its clients to address the entire breadth of their business needs, from strategy and design to operations, fueled by the fast evolving and innovative world of cloud, data, AI, connectivity, software, digital engineering and platforms.We desire to hire SOC Analyst L2 Profiles to be part of our team integrated CIS Business Unit.The Level 2 (L2) Security Analyst manages complex incidents, conducts advanced threat analysis, and coordinates responses. They enhance security tools, guide Tier 1 Analysts, and proactively defend against advanced threats, fortifying client defenses and preserving critical infrastructure and reputation.Key responsibilities:Advanced Analysis: Perform deeper and more detailed analysis of incidents, evaluating sophistication and potential impact compared to level 1Specialized Escalation: Handle incidents of greater complexity, escalating to higher levels and coordinating with specialized teams when necessaryForensic Investigation: Conduct forensic investigations to determine the root cause of incidents and collect evidence for possible legal actionSignature and Rule Development: Create and update signatures, rules, and behavioral profiles in detection tools to improve accuracy and effectivenessTechnical Advice: Provide technical advice to level 1 analysts, helping in the understanding and resolution of more complex incidentsTool Optimization: Collaborate in the improvement and optimization of security tools, proposing adjustments and updates to keep up with threatsCritical Incident Management: Coordinate the response to critical incidents, ensuring efficient execution of mitigation and recovery plansReview of Security Policies: Evaluate and update security policies and procedures, ensuring their alignment with best practices and regulationsStaff Training: Provide ongoing training to Tier 1 staff and other teams on new cybersecurity threats, tactics, and techniquesThreat Intelligence Analysis: Integrate threat intelligence to improve the ability to detect and respond early to possible attacksCoordination with Internal Teams: Collaborate closely with internal teams, such as the risk management and compliance team, to address specific security aspectsDevelopment of Executive Reports: Prepare detailed executive reports on incidents, providing clear and concise information for decision makingContinuous Process Improvement: Identify opportunities for improvement in incident response processes and contribute to their continuous evolutionVulnerability Analysis: Carry out vulnerability assessments to identify possible points of exposure and collaborate in their mitigationParticipating in Advanced Drill Exercises: Engage in more advanced cybersecurity drills to test responsiveness and improve team readiness.Required Skills:Strong analytical and problem-solving skillsExcellent written and verbal communication skillsKnowledge of security best practices and conceptsHigh ability to multi-task, prioritize, coordinate, work well under pressure and meet deadlinesHigh-level understanding of TCP/IP protocol to detect and understand malicious trafficExperience in SIEM operation & tooling (IBM QRadar, Splunk, Microsoft Sentinel, Chronicle)Experience in EDR operation & tooling (MS Defender, Symantec, CrowdStrike Falcon, among others)Experience in Network components operation or general knowledgeExperience in incident, problem management, and/or change managementKnowledge of Operating Systems, Basic Scripting SkillsAbility to communicate in writing and verbally in both Spanish and EnglishSecondary skills (nice to have):Bachelor's degree in Cybersecurity, Networking, Information or a related field is not mandatory but is wellcomeRelevant industry certifications are not mandatory but are wellcome:AZ-500, SC-100, SC-200CISSP, GCIA, GCIH, ECIH, CySA, CISACompTIA Security+CompTIA Network+Why you should join us:🏡You will find a dynamic and inclusive work environment👩‍💻Participate in cutting-edge and innovative technological projects.☁Career plan and specialized training courses.📄Competitive salary according to candidate’s profile👉Restaurant tickets✔Childcare checks🥗Medical and life insurance🏡Become part of a responsible company committed to equal opportunities.🎯An excellent work environment and team with whom to work side by side.👉Regular team and global events📄Steady job, you'll get a permanent contract from the first day onwards.💻Hybrid working modelDIVERSITY & INCLUSION AT CAPGEMINIAt Capgemini, we are committed to diversity and inclusion. Diversity is a source of innovation and inspiration. We are committed to professionals, regardless of ethnicity, gender identity, disability, sexual orientation or any other dimension of diversity.🚀It's time! Come join us, and be part of our growing family