Security Operations Center (SOC) Analyst

Asuncion (Paraguay)

Infobip

Engage your customers and prospects with simple drag and drop email, SMS, chatbot or build custom solutions with the best in class APIs


At Infobip, we dream big. We value creativity, persistence, and innovation, passionately believing that it is through teamwork that we can all reach greater heights.


Since 2006, we have been innovating at the edge of technological possibilities and are now shaping global communications of the future. Through 75+ offices on six continents, Infobip’s platform is used by almost 80% of the population, making it the largest network of its kind and the only full-stack cloud communication platform globally.


Join us on our mission to create life-changing interactions between humans and online services with new and unseen solutions.

The Corporate Security team is looking for the first members in LATAM, located in the Asuncion office in Paraguay. Apply if you’re interested in working with one of the coolest teams in Infobip! 

As a Security Operations Center (SOC) Incident Analyst/Tier 1, you will be a part of the team that strives to prevent, identify, and respond to all cyber threats that Infobip is exposed to. 

Your job will include daily triage of security events – alerts raised by our monitoring systems, suspicious behavior reported by our users, and policy violations – to detect security incidents in a timely manner or to escalate potential incidents to your colleagues for deeper inspection.
Don’t worry; you won’t be sitting in front of the screen all day, sifting through thousands of events – nobody likes that! Automation, fine-tuning of existing rules, and improving the processes are among our priorities. You will be able to contribute to new tools, improve use case playbooks, and even further automate mundane tasks.
In your daily job, you will also monitor emerging threats and publicly known vulnerabilities and exploits to ensure that all high-risk vulnerabilities in our IT infrastructure are patched as soon as possible, in close cooperation with responsible teams. 
If a security incident occurs, you and your team will be the first responders to the security incident, performing all stages of the PICERL cycle – but fear not, you’re in good company! 

 

What you will do at Infobip: 

  • Be a first responder to security events/alerts/incidents 

  • Monitor security applications stack (SIEM, IDS/IPS, EDR/EPP, SOAR, mail security, …) for alerts, prioritize them, and perform triage to confirm whether the incident is ongoing 

  • Document incidents in the Incident Management System 

  • Escalate incidents to Tier 2 analysts and other stakeholders (Security and Engineering teams)

  • Actively use security applications stack to triage and correlate security events 

  • Suggest improvements to existing use cases, playbooks, rulesets, and security applications stack in general 

  • Review and fulfill requests for security exceptions for end users (mail exceptions, web exceptions, removable media exceptions, local administrator rights…) 

  • Perform vulnerability management tasks on a daily basis - track emerging threats and vulnerabilities using open-source intelligence, industry news, and other sources, assess their applicability to Infobip’s IT infrastructure, notify responsible teams, and track their timely resolution 

  • Perform basic administrative tasks on the systems owned by the SOC team 

  • Actively contribute to phishing simulations (payload suggestions and development) 

  • Actively contribute during the incident response in all PICERL phases (especially preparation and identification) 

What would make a great fit for this position?     

  • Ideally you have an engineering background and passion for IT, technology and security with at least 1 year of prior experience in the same or similar jobs, preferably in a fast-paced international environment

  • You have basic knowledge of phishing mail analysis – header analysis, detection and detonation of suspicious links 

  • You have basic knowledge of operating systems (Windows, Linux, Mac OS) and their attack surface 

  • You have basic knowledge of SIEM and EDR/EPP tools 

  • You have strong analytical and investigative skills combined with the ability to navigate through substantial amounts of data to gather critical information in a timely manner 

  • You know what CVSS stands for and can perform basic triage of a vulnerability, its severity, and possible impact on the organization

  • You are genuinely interested in information security, curious to learn about security tools, new threats, threat actors, and attack techniques – how to detect them and prevent them 

  • Industry-recognized security certificates (Security+, CySA+, CSA, GCIH, …) are an advantage, but not a prerequisite

  • Hands-on knowledge of Linux operating systems and system administration tasks is an advantage but not a prerequisite

  • You speak fluently to clients, partners, and colleagues alike and have a great command of English (we validate it!) 

  • You can exhibit an advanced level of teamwork, excellent communication skills, and a high degree of independence and project management skills 

  • You are efficient in execution, prone to continuous improvements, experimentation, and self-education 

  • You will be a part of a global team that regularly synchronizes and shares valuable inputs from day-to-day work  

  • You will be expected to work individually but will have a team to lean on when needed  

Infobip employees are people with diverse backgrounds, characteristics, and experiences that share the same passion and talent that helps us achieve our mission. That's why Infobip is committed to creating a diverse workplace and is proud to be an equal-opportunity employer.

All qualified applicants will receive consideration for employment without regard to race, color, ancestry, religion, age, sex, sexual orientation, gender, gender identity, national origin, citizenship, disability, veteran status, or any other part of one's identity.


Tags: Automation Cloud CVSS EDR Exploits Full stack GCIH IDS Incident response IPS IT infrastructure Linux Monitoring SIEM SOAR SOC Vulnerabilities Vulnerability management Windows

Perks/benefits: Team events

Region: South America
Country: Paraguay
