IT Security Senior Advisor - Dell Secureworks - Bucharest, Romania
Bucharest, Romania
6 zile în urmă

Role Overview

The successful candidate must be a strong leader in the security field with proven technical skills and experience researching, validating and responding to advanced threat actors.

In this role, the candidate will make use of all available data sources, security tools, and threat trends and combining security monitoring and analysis techniques will identify attacks against the organizations.

Key Responsibilities :

This role will function as a Incident Response Consultant. You will receive investigations and respond to activity within the clients environment detected by SecureWorks Managed Security Services.

In this position you will own / contribute to the investigation of high incidents, performing root cause investigations, determining the source of the threat, the extent to which client assets have been compromised, making recommendations for remediation, and assisting in the implementation.

  • Develop, implement, and execute standard procedures for the administration, content management, change management, version / patch management, and incident lifecycle management
  • Prepare operational governance reports and present them to the business stakeholders and client representatives
  • Develop and review team training plans and facilitate career development for engineers of all seniority levels
  • Perform an advanced analysis of threat actors’ intrusion artifacts and using discovered data to enable mitigation actions of incidents within the network
  • Utilize in-depth technical knowledge to design complex detection procedures for the detection of threat actor’s behavior
  • Work as an internal subject matter expert for other departments, including internal teams
  • Requirements :

    Essential Requirements

  • 5+years of Information Technology experience with network technologies (CCNA, JNCIA certificationare desirable)
  • Experience around the SIEM processes, monitoring & collecting, escalation strategies, data source normalization, event reduction, threshold tuning, alert triggers, threat Intelligence, threat modeling, triage
  • Experience with reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, intrusion detection systems, system logs)
  • Solid and demonstrable comprehension of Information Security including malware, emerging threats, attacks, and vulnerability management
  • Knowledge requirements

  • Understanding of typical threat actor profiles, the typical indicators associated with these profiles, and be able to develop innovative techniques to detect malicious activity
  • Knowledge of tactics, techniques, and procedures associated with malicious activity
  • Able to correlate and aggregate information from all available data sources, security tools, and threat trends to identify attacks against the client network
  • Knowledge of forensic tools to identify anomalous and potentially malicious behavior
  • Able to perform network traffic analysis and design use cases based on the findings
  • Skills & Competencies

  • Performing analysis of security and infrastructure logs
  • Researching targeted threat groups and their tactics, techniques and procedures (TTP)
  • Programming with Python, C, C++, IA32 / 64 Assembly
  • Experience developing tools for malicious code analysis, network traffic analysis and the detection of malicious code on endpoint systems is a strong plus
  • Performing vulnerability and exploit research and analysis
  • Strong understanding of computer architecture and operating systems concepts
  • Thorough knowledge of information security components, principles, practices, and procedures
  • Thorough understanding of computer network exploitation (CNE) and computer network defense (CND) concepts
  • BA / BS in engineering / computer science or acceptable combination of education and experience required. Masters, PhD or other advanced degree preferred
  • Why work with us?

    Life at Secureworks means collaborating with dedicated professionals with a passion for technology. When we see something that could be improved, we get to work inventing the solution.

    Our people demonstrate our winning culture through positive and meaningful relationships. We invest in our people and offer a series of programs that enables them to pursue a career that fulfills their potential.

    Our team members’ health and wellness is our priority as well as rewarding them for their hard work. Our Bucharest office is vital to Secureworks.

    It serves as our core Security Centre of Excellence hub for EMEA. It’s a large, modern, open plan space conveniently located in AFI Business Park, which is a short walk to the AFI Palace Cotroceni Mall.

    Our team have access to complimentary fresh coffee and fruit or they can take a break in the games or break out area.

    Secureworks, a Dell Technologies company, is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment.

    All employment decisions at Secureworks are based on business needs, job requirements and individual qualifications, without regard to race, colour, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and / or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate.

    Secureworks will not tolerate discrimination or harassment based on any of these characteristics.

    Job Family : Secureworks Job ID : R047287

    Adaugați la favorite
    Eliminați de la favorite
    Email-ul meu
    Făcând clic pe "Continuă", acord nevoo consimțământ de a procesa datele mele și de a-mi trimite alerte prin e-mail, așa cum este detaliat în policyApplicația de confidențialitate a lui neuvoo. Pot să-mi retrag consimțământul sau să mă dezabonez în orice moment.