At Galp, we believe that together we can make a difference in society by contributing to a more sustainable energy future. Changes starts with our people, where agility, continuous improvement, internal alignment and external focus are the values that define our organization where everyone, without exception, can reach their ultimate potential. We're counting on your energy ⚡

 

SOC Analyst

Mission

Galp is seeking for an energetic and dynamic SOC Analyst to strengthen its Cyber Incident Management capability, responsible for monitoring, analyzing, and investigating security-relevant alerts. She/He will play a key role within the SOC/CSIRT Team, dedicated to safeguarding Galp’s environment, including Critical Infrastructure and Services, against cyber threats.

What you`ll do

• Analyze and investigate complex cyber related alerts escalated by L1;
• Support incident escalation to CSIRT (L3) and assess probable damages, identify damage control and remediation, and assist in developing courses of action;
• Ensure all investigative activity is properly documented in the SOAR platform;
• Develop new and maintain existing security monitoring use cases in the SIEM platform;
• Contribute to the creation and improvement of Response Playbooks;
• Continuously identify opportunities to improve security monitoring and coverage (Onboarding systems and log sources);
• Identify and share lessons learned with the purpose to improve incident management processes;
• Support L1 analysts by providing guidance, specialized knowledge and context;
• Participate in regular purple Team and Crisis Management exercises;

• Knowledge of general cyber incident response principles;
• Proficiency with SIEM and SOAR is preferred;
• Sound understanding of cyber security principles and best practices;
• Good infrastructure and technology experience including demonstrable understanding of security operations;
• Security-relevant knowledge around Active Directory, Linux, Windows Server and Workstation OSs, and Could;
• Good knowledge of security issues inherent in common corporate environments;
• Knowledge of the MITRE ATT&CK Framework, Kill Chain, NIST and other security frameworks is valued;

What you`ll need

• Knowledge of general cyber incident response principles;
• Proficiency with SIEM and SOAR is preferred;
• Sound understanding of cyber security principles and best practices;
• Good infrastructure and technology experience including demonstrable understanding of security operations;
• Security-relevant knowledge around Active Directory, Linux, Windows Server and Workstation OSs, and Could;
• Good knowledge of security issues inherent in common corporate environments;
• Knowledge of the MITRE ATT&CK Framework, Kill Chain, NIST and other security frameworks is valued;

• Degree in computer science, information technology, or a related field is beneficial.
• Relevant experience in network operations or helpdesk support, along with certifications, can also be considered
• Minimum two (2) years of related work experience;
• Technical security certificates (e.g. GCIH, ECIH, CEH, GSEC, OSCP) are advantageous;
• Highly motivated individual with a genuine enthusiasm for cyber security and technology;
• Quick learner for new technologies and concepts;
• Good communication skills both written and verbal;
• Ability to prioritize workloads and to know when to seek guidance;
• Willingness to work on sporadic on-call shifts to support escalations from L1 out of business hours;
• Ability to get along well with a variety of personalities and individuals;
• Driven ability to complete assigned tasks under stressful situations;
• Verbal / written Portuguese fluent - Mandatory;
• Verbal / written English fluent - Mandatory;
• Verbal / written Spanish - Preferential.

Diversity, Equity and Inclusion (DEI)
At Galp, we have the ambition to be a Human Centered Company, and for that we acknowledge our responsibility to promote Diversity, Equity and Inclusion (DEI) by having a genuine  mindset, lived on our day-to-day, in all our processes. We believe that everyone should be celebrated and valued for who they are: not only for their potential, but also for their distinctive characteristics.