Natixis in Portugal is fully integrated in the global organization of Natixis, a French multinational financial services firm specialized in Asset & Wealth Management, Corporate & Investment Banking, Insurance and Payments. A subsidiary of Groupe BPCE, Natixis counts nearly 16.000 employees across 38 countries.
Based in Porto, Natixis Centre of Expertise mission is to transform traditional banking by developing innovative solutions for the bank’s business, operations and work culture worldwide, as a key driver of the company’s culture of agility and innovation. Teams of IT and Banking Support Activities work in an integrated, inclusive and transversal way, supporting all the business lines and country platforms.
Natixis in Portugal is the best combination of a “start-up mindset” with a large, solid structure. Its unique culture gives true meaning to a “beyond banking” personality: to be a real entrepreneur, self-challenging, ever striving to excel and go that extra mile.
We are looking for a SOC Analyst L2 (local contract) to join our BPCE IT business Unit.
Integrated within the Security Operation Center (SOC) BPCE-IT, the Blue Team is the first line of defence, responsible for defending the enterprise's use of information systems by maintaining its security posture against attackers.
The main activities are the ones below:
Detection, categorization and investigation of infrastructure, applications and security incidents
Vulnerability management on critical vulnerabilities (handling, categorization and follow-up)
Leading incident response plans
Follow-up of remediation plans
Implementation of detection scenarios and treatment of associated alerts
The L2 SOC Analyst is responsible for monitoring and analyzing the organization’s networks and systems on a daily basis to detect, identify, investigate, and mitigate potential threats. They must be able to identify anomalous behavior, recognize patterns of malicious activity, and take appropriate corrective action.
In addition to their daily duties, the L2 SOC Analyst will provide recommendations for improving security posture and assist with incident response plans, policies, and procedures. Some additional responsibilities may include recommending tools or solutions, participating in audit activities, providing reporting on security events/incidents and collaborating with other teams across the organization.
Main Tasks and Responsabilities:
The candidate will have 3 main missions:
1) Analysis:
Participation in improving correlation and log analysis rules
Conduct investigations and research including statistics
Interpret or perform first level (Sandbox or manual) minimum scans on malicious codes
Improve our Threat Intelligence activity
2) Handling incidents:
Creating, and managing service requests via our ticketing tools (ServiceSnow / SecOps / TheHive)
Qualify and analyze these elements to determine the cause of the incident, the mode of operation of the attack (vulnerabilities use, tactics, technics), the scope and the perimeter of compromise
3) Training:
Knowledge transferring in-house and writing documentation
Apart from these activities the candidate will have to maintain and develop his expertise:
in techniques and tools of digital investigation
methods and tools for analysis (monitoring, training, international conferences, etc.)
Main requirements:
The candidate must be operational on the security tools used in the BPCE IS and master the architectures in place.
Solid knowledge in most of the following technical areas is required, keeping in mind that no one is an expert in every topic.
The ideal candidate should have advanced problem-solving skills and a background in cybersecurity engineering.
1) SIEM/SOAR
Knowledge of the operating principles of Information Monitoring and Security Event Solutions (SIEM).
Good experience of Splunk and Regex search syntax.
Good experience of theHive
3) SYSTEM/NETWORK
Good knowledge of network and system architectures
Knowledge of the operation of intrusion detection probes and event log correlation tools
4) SECURITY:
Good knowledge of Mitre Attack framework and counter measures link to the technics and tactics
Good knowledge of Information monitoring and analysis tools and methods.
Good knowledge of the security standards for different technologies (web servers, messaging, database, DNS, proxy, firewall, etc.)
Have a good knowledge on one or more of the following topics:
Web application vulnerabilities
Malware types (rootkit, ransomware, botnet, etc.)
Obfuscation and persistence technics (cryptography, packing, etc.).
Digital investigation/analysis tools
SandBox behavioral
Other requirements:
- Good level of English – minimum B2 level;
- Good level of French - minimum B1 level;
- Ability to keep up with a demanding and fast-paced environment;
- Good communication skills;
- Good priority definition skills;
- Know how on implementing pedagogy methods;
- Ability to work in a team.
Additional Information
#MuchMoreThanJustAJob
Early morning. Campo 24 de Agosto. In 4 minutes, you are clocking in at the office. After grabbing a cup of coffee and fresh fruit, pick up your laptop and choose your spot for the day. It's going to be a busy one: French class before lunch and, just after, quick medical appointment at Natixis doctor's office.
Lunch break. Outside in the big terrace (look at your crops at the Urban Garden; ready to harvest!) or, if you feel like stretching your legs, walk downtown to grab lunch.
Back inside. Quick sprint review (working together anywhere means virtual happy birthday to that colleague in Paris that just turned 35). The afternoon went flying (tasks, reports, calls, some jokes with your teammates). End it on a high note: just one PlayStation game or the final match for that ping-pong tournament.
Tomorrow, you complete that certified technical training and the day after, you will work from home, taking advantage to finally do that online course on Udemy. Once you are done with your tasks for the day, you can visit the office for a board games session or show up at the rehearsal of one of Natixis bands. If that is too steady for you, meet your colleagues to surf some waves or join them in a football match.
