SOC Analyst

Spice IT is seeking a SOC Analyst in Moscow to monitor and analyze security incidents, configure infrastructure, and develop security measures.

## What you'll do

• •Monitor, identify, and analyze security incidents.
• •Analyze and investigate incidents from opening to closure.
• •Document incidents with reports and memos.
• •Determine the need for incident escalation.
• •Participate in incident resolution within authority.
• •Conduct proactive threat hunting and mitigation.
• •Develop proposals for correlation rule modernization.
• •Participate in developing and implementing information protection measures.
• •Develop incident handling and response scenarios.
• •Configure, administer, and develop SIEM monitoring systems.
• •Interact with IT departments.
• •Monitor video surveillance and access control system events.

## Conditions

• •Employment and payments according to the Russian Labor Code.
• •Work in a class 'A' office near Belorusskaya metro.
• •Company-sponsored training and professional development.
• •Extended health insurance with dental after probation.
• •Opportunities for professional growth.
• •1/3 work schedule.

• •3+ years of experience in a similar role within distributed IT infrastructure companies.
• •Strong knowledge of Windows and Linux OS principles.
• •Understanding of attack vectors and techniques (MITRE ATT&CK, TTP).
• •Advanced knowledge of SIEM systems (RUSIEM).
• •Experience with security systems (NAD, NGFW, AV, IDS/IPS).
• •Incident investigation experience.
• •Understanding of OSI model, TCP/IP stack, and network protocols.
• •Ability to analyze logs from OS, network equipment, and databases.
• •Knowledge of scripting languages (bash, PowerShell).
• •Willingness to work in shifts in a 24/7 SOC environment.