Security Operations Center

Overview:
**WELCOME TO SITA**:
We're the team that keeps airports moving, airlines flying smoothly, and borders open. Our tech and communication innovations are the secret behind the success of the world's air travel industry.

You'll find us at 95% of international hubs. We partner closely with over 2,500 transportation and government clients, each with their own unique needs and challenges. Our goal is to find fresh solutions and cutting-edge tech to make their operations run like clockwork. Want to be a part of something big?

Are you ready to love your job? The adventure begins right here, with you, at SITA.

**Please note that the Job title on SITA contract for this role will be Senior Specialist Service Operations as aligned with our internal career framework.**

**_
ABOUT THE ROLE & TEAM:_**

SITA is looking for a Security Operations Center (SOC) Analyst L2 position within SITA Global Services (SGS) organization, you will be joining SITA Security Operations Center (SOC), to help grow our professional team.

As a Sr. Security Analyst, you will be responsible to monitor and respond to cyber security alerts and identify their root cause, and potential and actual incidents. You will be responsible for identifying, analyzing, and remediating vulnerabilities and risks across a wide range of systems.

**_
WHAT YOU WILL DO: _**
- Serves as an escalation point of contact for L1 SOC analysts.
- Developing and mentoring SOC L1 analysts, ensuring that processes are followed, updating and creating new processes as needed.
- Identify, respond and react to security alerts in SIEM, EDR, and another related security tools.
- Assist with incident response as events are escalated, including triage, remediation and documentation.
- Incident Response escalation
- Use MITRE ATT&CK framework or another security models for documenting and tracking purposes.

Qualifications:
**WHO YOU ARE**:

- Bachelor's Degree in IT or equivalent in the related field.
- 4-5 years of experience as an L2 SOC analyst.
- Experience with SIEM solution (ELK/Splunk), EDR (Cortex/Crowdstrike/Defender), XSOAR and Threat Intelligence platforms.
- Strong knowledge of vulnerabilities, CVE, 0day and their potential impacts.
- Experience with security automation and orchestration solutions, as well as IDS/IPS systems.
- Must be able to detect, analyze, identify, escalate and document security incidents.
- Good knowledge of cyber-attack stages, profiling techniques, and techniques for detecting host and network-based intrusions.
- Ability to handle multiple priorities simultaneously.
- Experience in ticketing and monitoring systems.
- Open mind and quick learner.
- At least one Information security certification, such as Security +, GSEC, CySA+, CSA, CIH, GCIA, GCFA.

**WHAT WE OFFER**:
We're all about diversity. We operate in 200 countries and speak 60 different languages and cultures. We're really proud of our inclusive environment. Our offices are comfortable and fun places to work, and we make sure you get to work from home too. Find out what it's like to join our team and take a step closer to your best life ever.

**Flex Week**: Work from home up to 2 days/week (depending on your team's needs)
- **Flex Day**: Make your workday suit your life and plans.

**Flex-Location**: Take up to 30 days a year to work from any location in the world.

**Employee Wellbeing**: We have got you covered with our Employee Assistance Program (EAP), for you and your dependents 24/7, 365 days/year. We also offer Champion Health - a personalized platform that supports a range of wellbeing needs.

**Professional Development**: Level up your skills with our training platforms, including LinkedIn Learning

**Competitive Benefits**: Competitive benefits that make sense with both your local market and employment status.