Security Operations Center Tier 2 Analyst
Division
Chief Information Security Office (CISO)
Euroclear is a global critical financial infrastructure that protects its information assets through robust security controls. This permanent position requires a deep understanding of security operations and incident response.
Your Role
Candidates will respond to events and conduct incident response operations according to documented procedures and industry best practices. Strong communication skills are essential. They will engage with multiple intelligence communities and disseminate relevant information throughout the SOC. Ideal candidates possess extensive experience with Linux/Windows operating systems, SIEM, IDS, EDR, WAF, networking, and attack methods, and demonstrate a clear enthusiasm for information security.
Your Responsibilities & Duties
First point of escalation for Tier 1 analysts.
Investigate suspicious or anomalous activity based on data alerts or multiset outputs from various toolsets.
Review and build new operational processes and procedures; provide feedback for workflow updates and enhancements.
Conduct triage and investigation of advanced vector attacks such as botnets and APTs.
Advise on tuning of IDS, proxy policy, in‑line malware tools, and downstream systems based on threat feeds, trust data, incidents, or vulnerabilities.
Create and tune use cases for the Security Intelligence Analyst based on investigation findings or threat information reviews.
Lead response actions for incidents where CIRT is not required to intervene (low/medium priority).
Collaborate with data asset owners and business response plan owners during low and medium severity incidents.
Perform administrative tasks per management request (ad‑hoc reports, training).
Support the creation and maintenance of a knowledge base.
Provide training and knowledge‑sharing sessions to the SOC team.
Mentor the Tier 1 team.
Assist the Service Delivery Manager with reporting.
Your Qualifications
Required:
3+ years of prior experience in a similar position.
Experience with network security zones, firewall configurations, IDS policies.
In‑depth knowledge of TCP/IP.
Knowledge of OSI layers 1–7 system communications.
Experience with systems administration, middleware, and application administration.
Experience with network and network security tools administration.
Knowledge of log formats and ability to aggregate and parse log data (syslog, HTTP logs, DB logs) for investigation.
Ability to define a containment strategy and execute it.
Experience with security assessment tools (NMAP, Nessus, Metasploit, Netcat).
Good knowledge of threat areas and common attack vectors (MITRE ATT&CK).
Nice to have:
Splunk and XSOAR experience.
Experience with log search tools such as Splunk, using regex and natural language queries.
Knowledge of common security frameworks (ISO 27001, COBIT, NIST).
Knowledge of encryption and cryptography.
Previous experience in the financial industry.
Scripting (automation) and familiarity with cloud platforms (AWS, Azure).
About Us
Euroclear is a global financial infrastructure, connecting over 2,000 financial institutions worldwide. We are dedicated to facilitating a sustainable global financial system and operate in an open, resilient environment that supports the stability of the financial markets.
What We Offer
Work closely with supportive colleagues from over 80 countries.
Practice your talents in a highly professional international environment.
Access a learning and development environment focused on knowledge sharing and training.
Competitive salary and comprehensive benefits.
Great Place to Work for All
We are committed to creating an inclusive culture that celebrates diversity and strives to be a Great Place to Work for All. All qualified applicants will be considered for employment, regardless of any aspect that makes them unique (race, religion, national origin, gender, sexual orientation, age, marital status, pregnancy, disability, etc.). If you need any specific accommodation due to disability or other reason, let the recruiter know during your application process.
Location
Cracow, Małopolskie, Poland