Senior SOC Analyst (Security Monitoring)
JOIN OUR DEVELOPMENT TEAM
At Levi Nine we are passionate about what we do. We love our work and together in a team we are smarter and stronger. We work in a dynamic and challenging environment with talented and forward-thinking people who are part of creative and innovative teams. We are looking for skilled team players who make change happen. Are you one of these players?
OUR PARTNER:
Our partner, ABN AMRO Clearing, is a global leader in the domain of clearing, offering access to a wide range of listed instruments on markets across the globe.
IT is at the heart of their organization with more than 30 different product teams and 10 different platform teams that are trying to build the best products & services for their customers.
Their presence in important financial centers like Amsterdam, Chicago, Sydney, Singapore, Tokyo, Hong Kong, London, Sao Paulo, Frankfurt and Iasi allows them to effectively serve clients worldwide and maintain close proximity to their diverse customer base.
THE ROLE INVOLVES:
The vacant role contains multiple aspects of work in a Security Operations Centre. The primary focus for this role is on Security Monitoring, improving our partner's current capability both on technology and process… and the occasional vulnerability review.
Security Monitoring is about triaging security alerts and resolving incidents. The alerts are often escalated via the Managed Security Service Provider (MSSP) who provides Tier-1 SOC services to our partner, during the week and at the weekend.
You will then swiftly perform triage and decide what actions should be taken to contain the threat. If it becomes a security incident, it's expected that you can resolve it from start to finish, while taking more junior team members along the way.
For the analysis you will have access to several sources such as EDR, Firewalls, endpoints, and application logging. If an alert escalates to a security incident, you either resolve it yourself or connect with a team member to resolve it together.
Within Vulnerability Management you analyze and escalate vulnerabilities. These vulnerabilities are then picked up by different teams within the organization for them to resolve.
Besides the daily operations a big part of your role will be actively identifying areas of improvement, working with stakeholders to get these done, and supporting junior team members in their growth.
An important stakeholder is the team who manages the Security Monitoring platforms. You support them with security knowledge and decisions on what would make the platform more fit for purpose. Besides the platforms, an improvement can range from a small modification of the process to the implementation of a whole new tool, all while working together with and challenging the stakeholders who are a part of this process.
As a Senior SOC Analyst, you play a critical role in keeping the company safe by assessing the risk and impact of detected vulnerabilities and security incidents in a highly regulated environment.
Responsibilities:
Triage incoming cyber security alerts escalated from our MSSP.
Investigate cyber security incidents and lead investigations to contain and remediate them.
Identify detection gaps and collaborate with platform owners to improve alert fidelity, reduce noise, and enhance monitoring capability.
Partner with the team managing SIEM, EDR, and logging platforms to advise on tuning, configuration improvements, and onboarding of new data sources.
Drive process improvements within the SOC by identifying bottlenecks and redesigning workflows to increase efficiency and clarity.
Lead the implementation of new SOC tooling or enhancements, including evaluation, testing, deployment, and integration into daily operations.
Provide expert input into detection logic, alert requirements, and platform configuration based on threat behavior and observed incidents.
TECHNICAL PLAYGROUND:
6+ years of experience as a SOC Analyst.
Proven experience working with Splunk: deep tuning and content engineering.
Experience with the incident response life cycle (leading, end-to-end).
Proven relevant experience in security operations work: security alert triage, owning escalated alerts, and mentoring juniors.
Good understanding of threat hunting: planning and running hunts.
Detection Engineering Input: experience working with detection engineers.
Leading knowledge sharing sessions and involvement in initiatives involving external representation.
NICE TO HAVE:
Certifications such as the following would be desirable but not mandatory: GCIH, GDAT, GCDA, GISP, OSDA, CCFR, SC-900, SC-200, Splunk.
A keen interest in cyber security and a desire to learn more.
Strong communication skills with stakeholders who are technical and non-technical, internally and externally.
Experience supporting junior team members.
A drive to improve the current way of working.
Relevant university degree in Computer Science, Engineering, or a related field.
SOFT SKILLS:
Fluent English, with good written and verbal communication skills.
Strong problem-solving skills and a proactive attitude.
Taking ownership of work that needs to be done, and being flexible regarding possible standby hours.
Ability to give and receive feedback and not afraid to ask questions.
- Locations: Iasi
- Remote status: Hybrid
- Technologies: Splunk, Cybersecurity, SOC
- Seniority level: Senior
About Levi9 Romania
Levi9 is a nearshore technology service provider with around 1000 employees and 50+ customers. We specialize in custom-made business IT: 95% of our work is on the revenue side of our customers. This is where time to market, high productivity, stable team velocity, and great quality through automation, agility, intensive interaction and understanding matter most.