- Functional Department: Information Technology
This is an exciting opportunity to grow your cybersecurity career with both on-premises and cloud security. Snow Software is investing heavily in cloud services and applications based on the highly successful Snow License Manager. The security of our offerings is a vital priority to ensure the success of the business, and our Security Operations Center (SOC) Analysts ensure that our security controls are enforced and always adapting to protect the confidentiality, integrity, and availability of Snow Software. The SOC is a fast-paced growing piece of the Information Security Team within Snow Software and is looking for a collaborative and self-starter to grow along with the team.
The SOC Analyst is responsible for monitoring and responding to the security events and risks of the business and documenting their research, triage, and mitigation efforts. They are expected to assess the effectiveness of detections, risk management controls, and policies used to prevent security threats. They are involved in the development of policies and detections and are encouraged to provide recommendations based on their analysis and engage in threat hunting exercises, penetration testing, and phishing campaign simulations.
The SOC Analyst will report to the SOC Lead and is an involved member of the Security Operations and Information Security Team. This role is expected to display familiarity of Cybersecurity best practices and frameworks (MITRE, ISO27001, SOC2), as well as being an active contributor to the continued maturation of current security tools and systems. As a SOC Analyst you are empowered to take the appropriate response actions to mitigate risks and remediate threats to Snow Software and our clients.
- Work in a 24x5 Security Operations environment, working primarily day shift
- Perform security and vulnerability assessments and monitoring of on-premises and cloud applications and infrastructure
- Monitor SIEM, mailbox, and ticket requests; ensuring a timely response
- Works with security information and event management (SIEM) to manage/tune the system, create/manage the detection content and actively watch for alerts
- Conducts proactive threat hunting and uses findings to recognize detection gaps
- Responsible for Security Incident Response actions and escalation of critical severity incidents
- Provides incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary
- Perform file analysis and digital forensics based on alerts received and in support of investigations
- Conduct maturity improvements for information security and cybersecurity tools and systems
- Conduct pen testing and vulnerability management exercises as well as red/blue team events
- Discuss and present major events and initiatives with SOC members during a daily handover session
- Maintain a strong awareness of the current threat landscape
- Knowledge of and experience with SIEM/SOAR technology, and EDR tools
- Knowledge of and experience with Windows, MacOS, and Linux operating systems
- Proven experience of ability to analyze event logs and recognize signs of cyber intrusions/attacks
- Knowledge of and experience with email security
- Understanding of query languages and/or scripting languages
- Experience in a relevant field such as IT audit, risk management, penetration testing, red team/blue team, or as a security operations analyst
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
- Is a confident, energetic self-starter, with strong interpersonal skills
- Working knowledge with Kusto, SQL, or other query/programming languages
- Working knowledge with Azure Sentinel and Microsoft Defender
- 1-2 or more years working in a Security Operations Center, internally or with a service provider (MSSP)
- Experience in vulnerability analysis and remediation
- Experience with security tool implementation
You must be able to provide evidence of Australian work rights.
Snow Software is the global leader in technology intelligence solutions, ensuring the trillions spent on all forms of technology is optimized to drive maximum value. More than 4,000 organizations around the world rely on Snow's platform to provide complete visibility, optimize usage and spend, and minimize regulatory risk. Headquartered in Stockholm, Snow has more local offices and regional support centers than any other software asset and cloud management provider, delivering unparalleled results to our customers and partners.
Here at Snow, we strive to provide an equal opportunity workplace and cultivate a fair, equitable and safe work environment that is free of discrimination and harassment. We truly believe in affirmative action. The diversity of our people is one of our greatest strengths. An inclusive and equitable workplace enables us to embrace that diversity to deliver more innovative and sustainable solutions for our people, clients, shareholders and communities. We are committed to making employment decisions at Snow that are based on business needs, job requirements and candidate ability, which are all part of our robust and fair recruitment process.
As an inclusive employer, Snow strives not discriminate on the grounds of age, disability, sex, sexual orientation, gender identity or expression, marriage, civil partnership, pregnancy, maternity, race (including colour and ethnic or national origins), religion, Veteran status or belief.
This is not just a generic ‘equal opportunities disclaimer’ for us – we are truly committed to creating a workplace where our team members thrive.
If you have a disability or special need that requires us to adjust the recruiting process, please do advise us when contacted.
We look forward to your application.