SOC Cyber Analyst

Here at Maersk we’re embarking on an industry-defining transformation, on a bold new direction, expanding our capabilities to become a true end-to-end logistics provider that can deliver intelligent solutions for customers around the world. Our software and technology are centre stage in creating value for our business and our customers. It’s a big moment for all of us – and we all have our part to play.  

What We offer

To work at Maersk is to work with the world. You’ll learn from – and collaborate with – skilled professionals who literally move the world, every day. With a supportive environment to develop your skills, you’ll gain access to world-class learning programmes to accelerate your career goals. And you’ll find yourself welcome in our diverse and inclusive culture, where you are valued for who you are and rewarded for what you bring. For this and many other of our roles, we can offer the flexibility of hybrid working, alongside industry leading benefits such as pension and family health/dental insurances as standard.

What you’ll be doing: 

• Technical understanding and first-hand approach with a wide range of Cyber Security related toolsets likes Sysinternal, Wireshark, ,Sigma, Tcpdump.
• Basic understanding of Windows and Linux forensics.
• Good understanding of various OS like Window, Linux, Unix and their security.
• Knowledgeable in scripting ( eg Bash,Python, Powershell).
• Conducting key incident management activities, including creating effective incident timelines and assisting with response activities.
• Creating hypothesis for threat hunts and using the tooling to carry out those hunts
• Working within a team environment in the development, planning and coordination of new and existing aspects of the Incident Response Team, such as creating Incident Response Playbooks.
• Assist in the development of security tools including new playbooks for the SOAR tool.
• Generating requirements for the fine tuning of SIEM rules.
• Mentoring more junior analysts and acting as an escalation point for them.
• Have direct input into the Cyber Security Incident Response Team (CSIRT) process.
• In coordination with the Cyber Security team and other structures, be able to respond to the CSIRT and associated emergency preparedness procedures.
• Assisting with the Development of key relationships with Maersk Forensics, Security Operations Governance, Cyber Defence Engineering, Risk and Compliance, IT and other critical business unit areas.
• Develop, conduct, and participate in Cyber Incident Response exercises.
• Deliver exceptional quality of Incident Response and Tickets but also review and address L1 and L2 ticket quality through coaching and development of team members
• Follow an agreed shift pattern to execute operational activities of the SOC capabilities, including protective monitoring, incident handling and threat hunting

To succeed in this role, we believe that you can offer: 

• At least 2+ years of relevant experience in Cyber Security Operations, preferably in a Security Operations Centre or similar environment
• Sufficient experience of Cyber Incident Response
• Experience in protective monitoring of different technologies and tooling
• Sufficient understanding or experience with vulnerability and threat management
• Worked with or developed security devices such as SIEM, firewalls etc.
• Hands on analytical skills for log data examination, common Cyber incident response capability and incident Management.
• Understanding of cybersecurity standards and frameworks e.g., ISO27001, NIST, CIS, OWASP, SANS
• Experience in handling incidents in EDR tools.
• Experience in SOAR automation platforms.
• Experience in building use cases for SIEM.
• Knowledge in handling incidents and alerts for cloud ( eg Azure, AWS, Ali cloud , GCP)
• Experience in investigating Network intrusion and host-based intrusion.
• Qualifications within IT Security (e.g., CISSP, CEH, GSEC, GCIH, GCIA, GMON) are desirable but training also may be provided where necessary
• Good knowledge and understanding of how to handle and respond to security incidents as part of a specialised incident response team
• Strong working knowledge and thorough understanding of Protective Monitoring, Vulnerability Monitoring, Threat Intelligence and Threat Hunting
• Knowledge and understanding of security technologies and processes
• Good awareness and knowledge of current exploit techniques, vulnerability disclosures, security analysis techniques, combined with the understanding of the potential impact if unaddressed

If you’re ready to take on this challenge and make a tangible difference, let’s connect. We’re excited to see what you’ll bring to the team!

Maersk is committed to a diverse and inclusive workplace, and we embrace different styles of thinking. Maersk is an equal opportunities employer and welcomes applicants without regard to race, colour, gender, sex, age, religion, creed, national origin, ancestry, citizenship, marital status, sexual orientation, physical or mental disability, medical condition, pregnancy or parental leave, veteran status, gender identity, genetic information, or any other characteristic protected by applicable law. We will consider qualified applicants with criminal histories in a manner consistent with all legal requirements.

We are happy to support your need for any adjustments during the application and hiring process. If you need special assistance or an accommodation to use our website, apply for a position, or to perform a job, please contact us by emailing  accommodationrequests@maersk.com.