SOC Analyst

Job Description

Who are we?

Capgemini is a global leader in partnering with companies to transform and manage their business by harnessing the power of technology. Guided daily by our purpose of unleashing human energy through technology for an inclusive and sustainable future, we are a responsible and diverse organization of 340,000 team members in nearly 50 countries. With over 50 years of heritage and expertise, we are a trusted partner to address the full breadth of our clients' needs—from strategy and design to operations—leveraging the innovative world of cloud, cybersecurity, infrastructure data, AI, connectivity, software, and platforms.

We are looking for a Level 1 (L1) Security Analyst to join our Cybersecurity Operations Center and be the first line of defense against cyber threats. You will play a key role in monitoring, detecting, and responding to security incidents, helping to protect our clients' digital assets and ensure business continuity.

Key Responsibilities:

• Proactive Monitoring: Continuously monitor security events and alerts to identify potential threats.
• Log Review: Analyze logs and event data to detect anomalous patterns and behaviors.
• Alert Analysis: Evaluate and triage security alerts, determining severity and required actions.
• Initial Investigation: Conduct preliminary investigations to understand incident context and impact.
• Immediate Response: Apply quick mitigation measures for low-complexity incidents.
• Escalation: Forward complex incidents to higher-level analysts following established protocols.
• Coordination with External Teams: Collaborate with client stakeholders on incident management.
• Incident Recording: Document all incident details, actions taken, and outcomes.
• Team Collaboration: Work closely with other analysts to share insights and improve response.
• Service Handover: Ensure proper shift closure and quality assurance for ongoing incidents.
• Tool Maintenance: Maintain and update security tools to ensure optimal performance.
• Report Generation: Create detailed incident reports for analysis and decision-making.
• Continuous Update: Stay informed on emerging threats and vulnerabilities.
• Policy Compliance: Ensure adherence to organizational security policies and procedures.
• Education and Awareness: Support awareness initiatives by sharing best practices with users.
• Drill Participation: Take part in incident response exercises to enhance team readiness.

Required Skills:

• Strong analytical and problem-solving abilities.
• Effective written and verbal communication skills.
• Understanding of cybersecurity principles and best practices.
• Ability to multitask and work under pressure.
• Familiarity with network protocols (TCP/IP, UDP).
• Experience with security tools (antivirus, firewalls, IPS).
• Knowledge of operating systems (Windows, Linux).
• Endpoint security management.
• Basic scripting skills (Python, PowerShell).

Nice to Have:

• Bachelor’s degree in Cybersecurity, Networking, or related fields.
• Experience with SIEM tools (IBM QRadar, Splunk, Microsoft Sentinel, Chronicle).
• Experience with EDR tools (MS Defender, Symantec, CrowdStrike Falcon).
• Relevant certifications such as:
  • AZ-500, SC-100, SC-200
  • CompTIA Security+
  • CompTIA Network+
  • CompTIA CySA+