SOC Analyst - Dublin
SOC Analyst / Engineer will be responsible for monitoring, detection and response of security logs, events and alerts within Guidewire’s Security Operations Center for its SaaS and Corp IT environments. The role will report to the Director of Security Operations and is part of Guidewire’s global Information Security group.
ESSENTIAL DUTIES AND RESPONSIBILITES
- Collaborate with the MSSP’s SOC analysts to monitor, analyze and investigate security logs, events and alerts from a variety of devices including SIEM, IDS/IPS, Next Gen EDR, AWS Cloud security tools, WAFs etc.
- Engage with other asset owning teams within Guidewire like CloudOps, IT and Product Development to respond, triage, remediate and tune alerts
- Act as Guidewire’s blue team person to identify gaps in visibility, ingest new log sources and build content for the SIEM to generate actionable contextual threat intelligence data and improve visibility and detection
- Provide subject matter expertise in security threat analysis, hunting, detection and response across Guidewire’s Production and Corp IT environments
- Escalate and/or participate in the Security Incident Response Team (SIRT) activities, helping SIRT to detect, respond, contain and recover from security incidents in a timely manner
- Generate and build relevant security dashboards, trends and metrics as needed for the Information Security leadership team
- Willingness to be on call and serve as the point of contact for information security alerts and incidents
- 3+ years of previous experience working in security operations, hunt teams, or incident response, triaging cyber security alerts, events, incidents – Public Cloud experience required
- Good understanding and ability to investigate threat campaign(s) techniques, lateral movements, C&C communications and indicators of compromise (IOCs)
- Hands on experience in Logrhythm SIEM is a nice to have - searching and querying of raw logs, tuning of events and alerts, analysis and investigation of alerts, and writing content for Logrhythm SIEM, AIE rules etc.
- Minimum 3 years of experience in security analytics, correlation, tuning, analyzing and investigating alerts from multiple security technologies including IDS/IPS, SIEM, EDR, User Behavior Analysis tools, Network Packet Analyzers, Log Analysis (Windows, Linux, Web Servers, AWS Cloudtrail, AWS GuardDuty, NextGen Firewalls, NextGen AV, WAFs, etc.)
- Familiarity of at least one public Cloud platform (AWS, Azure, GCP) with understanding/working knowledge of IaaS, platforms and services (i.e. VPC, EC2, S3, RDS, AWS SDK, Lambda, AWS WAF, CloudFront, ECS, etc.)
- Experience developing and maintaining operations playbooks, run books, and the IR plans
- Thorough understanding of the threat and attack landscape in networks and web applications, latest security trends, attack vectors, vulnerabilities, and how they are leveraged by malicious actors
- Security certifications like CISSP, GSEC, GCFA, GCIH, GCIA, CHFI, AWS certification etc. are highly desired
- Excellent verbal and written communication skills and ability to document and explain technical details and incident reports clearly and concisely
- S. degree in Computer Science or related field or equivalent combination of professional development training and experience
Guidewire exists to deliver the industry platform that P&C insurers rely upon to adapt and succeed in a time of accelerating change — and to ensure that every customer succeeds in the journey. We provide the software, services, and partner ecosystem to enable our customers to run, differentiate, and grow their business.
Guidewire InsurancePlatform is the P&C industry platform that unifies software, services, and partner ecosystem to power our customers’ business. InsurancePlatform provides the standard upon which insurers can engage their customers, optimize their operations, drive smart decisions, and innovate quickly. We are privileged to serve more than 350 P&C insurers in 32 countries. We invest heavily in R&D to build a technology platform that combines three elements—core processing, data and analytics, and digital engagement—to enhance insurers’ ability to engage and empower their customers and employees.
Guidewire Software Inc. provides equal employment opportunities to all applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. All offers are contingent upon passing a criminal history and other background checks where it’s applicable to the position.