IT Security Analyst 4
Oracle
Bucharest, Romania
3 days ago

Preferred Qualifications

SENIOR SECURITY ANALYST/MALWARE INCIDENT HANDLER - GLOBAL IT, RISK MANAGEMENT

As part of Global IT’s Threat Management team within Risk Management, you will be part of a global Malware Incident Response team identifying security events and coordinating the response for the relevant technical support groups, businesses at risk and service recovery teams. As a member of this fast-paced team, you will execute controls to protect the infrastructure and employees against internal and external malicious attacks and infiltration.

The security analyst is responsible for monitoring and helping to maintain the security posture of the Global IT environments. These responsibilities include hunting for malicious activity not detected by other security controls, correlating that information with threat intelligence, leading the incident response related to those detections, and determining how to mitigate these risks/threats in the future.

Using cutting-edge network behavior and anomaly detection tools, the analyst will examine, identify, and understand the nature of cyber-threats such as viruses, worms, bots, rootkits and Trojan horses. The security analyst will spend hours or days looking down rabbit holes that may dead-end, only to have to start over from the beginning. A determined and self-motivated person is a necessity.

In addition, it may be necessary to work directly with employees to collect, analyze and submit virus samples to our vendors, help remediate malware infections and prevent further damage. The analyst will be expected to participate in security project tasks on an as-needed basis, and to interact directly with Security organizations and multiple Lines of Business globally.

Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs.

Performs both dynamic and static analysis of malware samples to determine the source of the malware, extract additional IOCs, and document the tactics, techniques, and procedures of threat actors.

Detailed Description 

Researches attempted efforts to compromise security protocols and malicious activity. Analyzes malware using both dynamic and static tools. Attempts to identify gaps in the detections of security sensors by implementing the latest exploits. Stays current with the latest threats and risks.

Job Requirements

Leading contributor individually and as a team member, providing direction and mentoring to others. Work is non-routine and very complex, involving the application of advanced technical/business skills in the area of specialization. Prefer 8 years of relevant experience and a BA/BS degree.

Additional Details

Responsibilities:

• Work directly with end users to identify, isolate and pull malware from the end-points.

• Identify, analyze, and document malicious network or system activity and determine sophistication, priority, and threat level of computer security related attacks.

• Key contributor in various facets of incident response including notification, escalation response, and post incident review.

• Experience managing, responding to and resolving situations caused by malicious attacks.

• Ability to analyze information to identify network threats such as scans, malware, or complex attacks.

• Perform analysis on logs, traffic flows, and other activities to identify malicious activity.

• Enhance existing incident response methods, tools and processes which provide the organization value by reducing risk.

• Perform dynamic and static analysis of malware using automated tools or a disassembler/debugger.

• Contribute towards improving incident response delivery by leveraging lessons learned.

Qualifications:

• Eight years of IT experience, including networking and end-point security suites, and 4 years of IT Security experience.

• Four years of experience working with SIEM, logs, and other events.

• Three years of security incident response/malware analysis.

• Two years of malware identification, reversing, and analysis.

• Thorough understanding of malware infection vectors, identification and remediation techniques on multiple operating systems including Windows, OS X, and Linux.

• Experience in security aspects of multiple platforms, operating systems, software, communications and network protocols or an equivalent combination of education and work experience.

• Ability to work with huge data sets using command-line tools.

• Capable of scripting in Python, Perl, Ruby, etc., or programming in general.

• Experience in utilizing the Cyber Kill Chain or Attacker Lifecycle phases.

• Experience in gathering and managing threat intelligence.

• Understanding of netflows, networking protocols and infrastructure designs, including routing, firewall functionality, host and network intrusion detection systems, encryption, load balancing, and other network infrastructure.

• Knowledge of security processes and technologies, including threat analysis, security monitoring, and security technologies such as IDS/IPS, malware and DDoS prevention technologies.

• Experience in following incident response procedures and standards, strong communication skills and ability to articulate events to senior management.

• Strong experience and capability in network behavior and anomaly detection.

• Excellent communication skills, analytical ability, strong judgment and leadership skills, and the ability to work effectively with IT management and staff.

• Dedicated and self-driven desire to research the current information security landscape and threats.

• Vulnerability scanning, pentesting, and code analysis experience is a plus.

Certifications:

• Certified Information Systems Security Professional (CISSP) certified/qualified or ability to actively work towards obtaining certification.

• GIAC Certified Incident Handler (GCIH) or demonstrated skills and ability to obtain certification.

• Certified Ethical Hacker (CEH) or demonstrated skills and ability to obtain certification.

Detailed Description and Job Requirements

Researches attempted efforts to compromise security protocols. Maintains security systems for routers and switches. Administers security policies to control access to systems. Maintains the company’s firewall. Uses applicable encryption methods. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information.

As part of Oracle's employment process, candidates will be required to complete a pre-employment screening process prior to an offer being made. This will involve identity and employment verification, salary verification, professional references, education verification and professional qualifications and memberships (if applicable).

Job: Information Technology