Req ID:503060
At Alstom we understand transport networks and what moves people. From high-speed trains, metros, monorails and trams to turnkey systems, services, infrastructure, signalling and digital mobility, we offer our diverse customers the broadest portfolio in the industry. Every day, more than 80,000 colleagues lead the way to greener and smarter mobility worldwide, connecting cities as we reduce carbon and replace cars.
Key Responsibilities:

Security Operations:
Work across multiple shifts to ensure 24/7 security monitoring and incident response.
Oversee threat detection and response using SIEM, NIDS and endpoint protection platforms.
Administer and maintain Trellix ePO for endpoint security and policy enforcement.
Monitor and manage alerts from Network Intrusion Detection Systems (NIDS).
Coordinate incident tracking and resolution using ServiceNow.
Collaborate with IT and facilities teams via Maximo for infrastructure-related security events.

Governance & Compliance:
Ensure SOC operations align with internal policies and external regulatory requirements (e.g. ISO 27001, NIST, GDPR).
Maintain and update SOC playbooks, SOPs and escalation matrices.
Participate in internal and external audits, ensuring readiness and compliance.

Reporting & Metrics:
Generate and present regular reports on SOC performance, incident trends and the threat landscape.
Track and report KPIs such as MTTR, false-positive rates, analyst efficiency and SLA adherence.
Provide executive-level summaries and dashboards for senior leadership and governance forums.

Continuous Improvement:
Drive automation and optimization of SOC workflows and alert triage.
Collaborate with threat intelligence, IR and vulnerability management teams to enhance detection capabilities.
Evaluate and recommend new tools and technologies to improve SOC effectiveness.
Required Qualifications:
Bachelor's or Master's degree in Cybersecurity, Information Technology or a related field.
Minimum 3 years of experience in SOC operations.
Strong experience with SIEM platforms, Trellix ePO, NIDS, ServiceNow and Maximo.
Solid understanding of incident response, malware analysis and threat intelligence.
Excellent leadership, communication and analytical skills.
Relevant certifications such as CISSP, CISM, GCIA, GCIH, CEH or equivalent are preferred.
Preferred Qualifications:
Experience with cloud security monitoring (AWS, Azure, GCP).
Familiarity with the MITRE ATT&CK framework and threat modeling.
Knowledge of scripting and automation (Python, PowerShell).
Experience working with SOC operations in a hybrid or global environment.
You don't need to be a train enthusiast to thrive with us. We guarantee that when you step onto one of our trains with your friends or family, you'll be proud. If you're up for the challenge, we'd love to hear from you!
Important to note
As a global business, we're an equal-opportunity employer that celebrates diversity across the 63 countries we operate in. We're committed to creating an inclusive workplace for everyone.
Job Type: Experienced
Required Experience: IC
Leading the way to greener and smarter mobility worldwide, Alstom develops and markets integrated systems that provide the sustainable foundations for the future of transportation.