Eviden, part of the Atos Group, with an annual revenue of circa € 5 billion, is a global leader in data-driven, trusted and sustainable digital transformation.
As a next generation digital business with worldwide leading positions in digital, cloud, data, advanced computing and security, it brings deep expertise for all industries in more than 47 countries.
By uniting unique high-end technologies across the full digital continuum with 47,000 world-class talents, Eviden expands the possibilities of data and technology, now and for generations to come.

Job Description: Tier 2 SOC Analyst (Senior SOC Analyst) – Splunk SIEM Environment

Key Responsibilities:

- Monitor and ensure timely detection and notification of all threats within the customer environment using Splunk SIEM.
- Deliver customer-specific requirements, adhering to agreed service level agreements (SLAs).
- Understand customer expectations and translate them into actionable service outcomes.
- Manage the scope of work, including scheduled and ad-hoc deliverables, and track deviations effectively.
- Collaborate with platform administrators to onboard new log sources, maintain the health of the Splunk infrastructure, and ensure seamless integration of devices.
- Develop and maintain threat detection scenarios and procedures aligned with industry best practices and customer requirements.
- Leverage strong analytical and technical skills to enhance computer network defense operations, including Splunk query creation and advanced threat detection techniques.
- Handle incidents by performing detection, analysis, triage, and resolution.
- Perform threat hunting using Splunk's capabilities, identifying anomalous patterns, and managing content such as custom dashboards, alerts, and reports.
- Investigate security events, distinguishing actual incidents from false positives, and apply Splunk searches to enrich detection.
- Maintain working knowledge of:
  - Operating systems (Windows/Linux)
  - Network technologies (firewalls, proxies, DNS, and NetFlow)
  - Active Directory and identity-based attacks
  - Network protocols (TCP, UDP, ICMP, etc.) and routing principles
  - Common internet applications and standards (SMTP, DNS, DHCP, SQL, HTTP/HTTPS)
- Perform gap analysis to ensure all in-scope log sources are monitored effectively.
- Identify missing use cases, hunting models, or detection scenarios, ensuring the highest level of threat detection.
- Conduct domain-specific assessments to identify business-critical applications and technologies that require focused monitoring.
- Act as the first point of contact (FPOC) for client issues, responding promptly to queries and taking ownership until resolution.
- Facilitate log source onboarding or decommissioning and coordinate with internal teams to meet customer requirements.
- Maintain transparency and demonstrate the value of SOC operations during periodic reviews such as MIS and QBR meetings.