Security Operation Center Lead Analyst

Location: Bucharest, Romania

The people we all rely on to make the world go round – they rely on Thales.  Thales rely on its employees to invent the future: right here, right now.

Present in Romania for over 40 years, Thales is expanding its presence in the country by growing its Digital capabilities and by developing a Group Engineering Competence Centre (ECC). Operating from Bucharest, Thales delivers solutions in a number of core businesses, from ground transportation, space and defence, to security and aeronautics.
Several professional opportunities have arisen. If you are looking for the solidity of a Global Group that is at the forefront of innovation, but with the agility of a human structure that tailors to the personal development of its employees and allows opportunities for evolution in an international environment, then this is the place for you!

Job summary:

A Cybersecurity Engineer capable of maintaining and protecting the data and systems of operational cybersecurity tools. From a technical background, someone who is able to design and understand how security tools sit within an overall defensive model.

Main responsibilities

• As a SOC Lead Analyst, you will play a key role in Thales' digital transformation and you will be entrusted with the following missions:

• Handling escalated SOC alerts (investigation from SIEM and Cloud security solutions: Zscaler, Microsoft NSG, Azure Security Center, etc.)
• Participation / management of the response to security incidents
• Implementation of new SIEM rules and improvement of existing rules
• Implementation of a dashboarding environment for managing alerts in conjunction with the RSSI
• Definition and participation in SOC improvement projects (tools, processes, increasing SOC coverage, considering the data science dimension applied to the SOC, etc.)
• Participation in the writing of SOC documentation

• 10% of your time will be allocated to learning: ensuring monitoring to ensure the use of the most effective and innovative approaches and techniques, the transition from certifications or participate in conferences.

Requirements

• SIEM (Azure Sentinel is a plus): analysis of system and application logs, etc.
• Knowledge of the ELK or Grafana stack
• Knowledge of attack techniques / APT
• Mastery of the Mitre ATT&CK and CIS Framework

YOUR CAREER AT THALES

Joining Thales, you will integrate into a tight-knit team working in an international and friendly environment. Thanks to various teams working on multiple fields and domains, all located in Bucharest, you will be able to evolve and grow your competences in different areas.

• Room for and attention to personal development
• The opportunity to grow within the organization, for instance on a technical, managerial or international level, within the various markets Thales is working in

Your immediate benefits

• 24 holiday days a year
• A good work-life balance which includes flexible working hours and work from home options
• A comprehensive compensation and benefit package including medical coverage

YOUR WORKING LOCATION IN ROMANIA (hybrid)

Hosted in the new state-of-the-art Orhideea Towers, our Bucharest site is home to over 400 employees working across the various Thales businesses. A modern facility with views of the city, we are across the street from Grozavesti subway station and tram stop.

At Thales we provide CAREERS and not only jobs.

Together we believe that embracing flexibility is a smarter way of working. Great journey starts here, apply now!

At Thales we provide CAREERS and not only jobs. With Thales employing 80,000 employees in 68 countries our mobility policy enables thousands of employees each year to develop their careers at home and abroad, in their existing areas of expertise or by branching out into new fields. Together we believe that embracing flexibility is a smarter way of working. Great journeys start here, apply now!