Senior Soc Analyst

Fortum IT Security Operations Centre delivers cyber security service to mitigate cyber risks and increase collective cyber resiliency across Fortum ecosystems. We are an international team composed of people with an enormous passion for cybersecurity. We prevent the risks and threats associated with everyday work on the web of all our employees and partners. Does this sound interesting to you? Keep on reading!

About the role

A Level 3 Analyst (Senior SOC Analyst) is a subject matter expert responsible for managing threats, disseminating information, handling, and responding to, as well as investigating all incident escalations from the Security Operations Centre (SOC). Level 3 team members are responsible for coordinating the CSIRT (Computer Security Incident Response Team) process when necessary and managing incidents throughout the event life cycle. Senior SOC Analyst team members will further an investigation and ensure root cause and resolution for metrics, tracking and lessons learned are compiled, documented, and disseminated.

Main responsibilities include

• Conduct forensics analysis on systems and ensure root cause and resolution for metrics, tracking and lessons learned are compiled, documented, and disseminated.
• Writing technical reports detailing how the computer evidence was discovered and all the steps taken during the retrieval process (timeline).
• Analyse and review escalated cases until closure; this includes investigating and recommending appropriate corrective actions for data security incidents which includes communicating with the implementation staff responsible.
• Research, develop, and keep abreast of testing tools, techniques, and process improvements in support of security event detection and incident response.
• Participate with onboarding new log sources and provide expertise about needed sources, develop, and maintain detection rules.
• Sharing knowledge with less experienced team members and supporting them

About you

• Degree in computer science or closely related area with 4+ years of IT security experience.
• One relevant certificate (like CISSP, OSCP, GCFA etc.) is strongly preferred.
• Hands on experience in SOC or CERT.
• Hands on experience in the creation of use cases/detection rules for SIEM systems.
• Hands on experience in analysing SIEM/EDR data sets.

We offer you

• Possibility to work with the cloud technology of the future and future-oriented products
• Modern tools and possibility to improve processes
• Focus on cybersecurity as a mandatory thing looking after critical infrastructure 
• Internal and external trainings
• Holistic view on wellbeing as part of our culture

Interested?

Please send your application with salary request latest by 29th February 2024 via our online recruitment tool. We work with an ongoing selection and will close the recruitment process as soon as the right candidate is found. For further information, please contact Marcin Poslad, Senior Manager, Security Ops Center, at +48 502 300 393, marcin.poslad@fortum.com.

To be selected for the position, the applicant must go through background clearance and a health examination including drug testing.  

At Fortum, we are committed to building diverse teams where everyone feels included and is treated equally.

We are Fortum
Fortum is a Nordic energy company. Our purpose is to power a world where people, businesses and nature thrive together. We are one of the cleanest energy producers in Europe and our actions are guided by our ambitious environmental targets. We generate and deliver clean energy reliably and help industries to decarbonise their processes and grow. Our core operations in the Nordics comprise of efficient, CO2-free power generation as well as reliable supply of electricity and district heat to private and business customers. For our ~5 000 employees, we commit to be a safe, and inspiring workplace. Fortum's share is listed on Nasdaq Helsinki. fortum.com