Your tasks will include

• Analyzing and evaluating alerts generated by the SOC
• Reporting on the problems detected
• Familiarizing yourself with the alarm system and supporting its maintenance, preparing SOC system documentation
• Collaboration with SOC team members, case escalation to L2 level
• Troubleshooting, written and telephone communication with our customers’ specialists
• Support research, design, and development of software systems related to SOC. As we develop our own platform, you can expect other interesting tasks in addition to analytical/evaluation work
• Supporting the operation of applications necessary for the SOC platform to work

What you’ll need at work

• Experience analyzing logs for Windows, Linux, and other platforms and the applications running on them
• Experience in operating security subsystems (firewall, log analyzer, antivirus solutions, etc.)
• Knowledge of types of attacks and how to counter them (OWASP, Mitre att@ck, CWE TOP 25 and their friends)
• Proficiency in using and managing Linux and Docker-based systems

• Perseverance
  You don’t give up easily, you don’t believe what you see too easily, you are persistent and thorough, and you can learn on your own
• Curiosity
  You are interested in what is at the heart of things, you are able to look beyond and you know what root cause analysis means
• Rule-following
  There is no place for nonsense, you have to resolve incidents according to predefined methodologies, within the framework of an agreement with the client. You have to follow the rules and make sure you respect the boundaries
• Creativity
  It is very useful to be creative in terms of solutions, ideas, and intuitions within the framework set
• Accuracy
  We need to solve problems with our customers within expected response times, so you need to be able to deliver on time, as specified
• Confidentiality
  Knowing what it means to keep a secret and being able to do so is crucial
• Shift working
  Our service availability is 7×24 hours, so as an L1, you will need to be able to work nights as well

• Moral certificate or personal security certificate
• Basic knowledge of en in reading and writing, minimum level of oral communication skills

You are welcome to bring these with you

• Experience in IT Security
• Any security certification (e.g. KCEH, CEH, CIH, CSA)
• Any programming background or experience, preferably in Shell or Python
• Elastic SIEM, Splunk, QRadar, McAfee: you what they are.
• Certified foosball training or camp

What we provide

• A friendly and open company culture: we’re still working on our social media platforms, and our website is being redesigned, so you’re bound to believe that Andrews is a much better place than it looks from the outside. If in doubt, let’s talk, and you can pop in for a game of foosball or take us on in Mortal Kombat!
• Home office: we offer the opportunity to work part-time from home
• In the office, foosball, darts, PS4, snacks, endless coffee, full kitchen, air conditioning, gigabit, 6 giant TVs on one wall to monitor IT security incidents, a life-like fake mango tree by the entrance
• Minimum of 26 days off, even if officially less, plus 10 days of sick leave
• Opportunity to try new technologies, professional challenges, high growth potential
• Laptop, phone, VPN

How to apply

If you like the position and would like to join the Andrews team, please send your CV and a short introduction to career@andrews.hu

Apply