Senior SOC Analyst

Bucuresti - Soseaua Orhideelor - Sector 6, Romania

Who We Are – MassMutual Romania

MassMutual Romania is a technology partner of MassMutual, a leading financial services company in the U.S., with a more than 170-year legacy. Established in 2020, the Romanian company is building an in-house team passionate about technology and innovation. We have expertise in software development, data science, and a wide range of technologies. With offices in Bucharest and Cluj, and team members across the country, MassMutual Romania develops technological solutions that help MassMutual deepen its digital capabilities and accelerate its growth in a digital-first world.

Job Description

Responsibilities
  • Incident Response: Analyze and respond to security incidents, including identifying, containing, and mitigating threats.
  • Conduct analysis and triage of security incidents, leveraging EDR solutions, to identify and investigate potential threats and indicators of compromise.
  • Perform investigations using user behavior analytics (UBA) tools to detect anomalies and suspicious activities within the network and systems.
  • Escalate and coordinate with peers, incident response teams, or other relevant stakeholders to ensure timely incident resolution and containment.
  • Collaborate with internal teams to gather necessary information for incident analysis, including network diagrams, system logs, and other relevant data sources.
  • Provide accurate and timely incident reports to stakeholders, detailing the nature of incidents, impact, remediation steps taken, and recommended actions to prevent future incidents.
  • Assist in the development and improvement of SOC processes, including the creation and maintenance of documentation and playbooks.
  • Stay updated with the latest security threats, vulnerabilities, and industry best practices to enhance incident detection and response capabilities.
  • Participate in security incident response activities, including containment, eradication, and recovery, working closely with cross-functional teams to ensure the effectiveness of incident resolution.

Requirements

  • Python, PowerShell, or other related scripting languages
  • Tactics, Techniques and Procedures (TTP) categorization frameworks such as MITRE ATT&CK, Cyber Analytics Repository (CAR), etc.
  • Living off the land techniques used by adversaries, using tools such as PowerShell, WMIC, Task Scheduler, Windows Registry, etc.
  • Solid understanding of security technologies, and common security vulnerabilities.
  • Prior experience working in a Security Operations Center or similar security-related role.
  • Familiarity with cyber security related tools, log management systems, orchestration platforms, UEBA tools and other security platforms.
  • Strong problem-solving and critical thinking skills, with the ability to work under pressure in a fast-paced environment.
  • Maintain a thorough understanding of cloud security principles and incident response protocols specific to cloud environments (e.g., AWS, Azure, Google Cloud).

Tags: Analytics AWS Azure Cloud EDR GCP Incident response MITRE ATT&CK PowerShell Python Scripting SOC Vulnerabilities Windows

Perks/benefits: Team events

Region: Europe
Country: Romania
