Cyber SOC IR Security Expert - Honeywell - București
Honeywell
București, RO
11 days ago
source : jobs4it

Join a team recognized for leadership, innovation and diversity

1 Position Overview

This position will be a part of the Industrial Cyber-Security team and will participate in delivering and developing cyber security services for a wide range of industrial global customers.

The position will have a direct reporting relationship to the Global Security Operation Center Manager and Incident Response Lead and will work as part of a global managed services team.

The position requires very good cyber security knowledge, excellent analytical skills and proficient handling of specific tools such as SIEMs and Orchestration and Automation platforms.

A successful candidate would be able to evaluate security incidents, determine true positive situations within an environment, and provide a context enrichment service before escalation to the Level 3 Cyber Security Incident Response team as needed.

2 Position Responsibilities

  • Monitors SIEM, trouble tickets / email notifications and in-person escalations, logs from infrastructure components, applications or network devices such as firewalls, IDS / IPS;
  • Examines the escalated tickets to determine if they are true positives or false positives;
  • Performs malware analysis, threat hunting and threat modeling activities;
  • Assists forensic investigation by providing reports and other information;
  • Reviews and suggests improvements to control deployment process and installation procedures;
  • Develops and documents remediation recommendations for business owners to improve the control environment in which a security incident occurs. Recommendations must be easily understood by non-technical staff;
  • Provides recommendations and direction on the tuning of signatures, rules, alerts, parsers, and custom scripts within the monitoring solutions;
  • Participates in root cause analysis and helps with the orchestration of remediation;
  • Understands defense in depth strategies and applies those to the Client's environment;
  • Creates and disseminates security related notifications for internal staff (for example: trends, developments, changes in capabilities);
  • Acts as L2 Escalation layer in the SOC;
  • Mentors Level 1 SOC Analysts;
  • Creates manuals, guides and knowledge base entries;
  • Keeps abreast of latest security and privacy legislation, emerging threats, regulations, advisories, alerts, and vulnerabilities pertaining to HPS ICS SOC and its customers;
  • Remains knowledgeable of our current solution portfolio and the technical specificities of our offerings.

3 Basic Qualifications

  • Bachelor's degree in a computer related field such as Computer Science, Computer Information Systems or Electronics;
  • Minimum of 2 years' experience in cyber security industry;
  • Minimum of 5 years' experience in Information Technology;
  • Strong diagnostic and analytical skills including problem solving, troubleshooting, management of priorities and self-direction to resolve complex issues;
  • Effective written and verbal skills to enable strong communication capabilities;
  • Information Technology certifications: ITIL Foundations;
  • Security Certifications: CCNA, CompTIA Security+, GCIH, or other similar certifications.

  • 25 Monitors SIEM, trouble tickets / email notifications
  • 25 Examine the escalated tickets
  • 25 Mentors Level 1 SOC Analysts
  • 25 Performs malware analysis, threat hunting and threat modeling activities

1.1 Other Nice to Have Certifications

  • GCFA or CEH or other similar certifications.

2 Additional Qualifications

2.1 Special Knowledge

  • Ability to write documentation and summaries;
  • Experience working in a client facing Cyber SOC environment;
  • Experience securing industrial or corporate networks and assets against cyber threats.

2.2 Competencies

  • Result oriented;
  • Proactive;
  • Critical reasoning;
  • Ability to work with minimal supervision;
  • Self-learner, self-motivated;
  • Detail oriented.

2.3 Skills

  • Operating systems;
  • Virtualization;
  • Networking advanced;
  • Firewalls / Next Generation Firewalls;
  • IPS / IDS Devices;
  • SIEM;
  • Encryption;
  • Patching products, strategies;
  • Antivirus centralized management of solutions;
  • Monitoring availability, security controls / policies, vulnerabilities;
  • Scripting.

Performance Materials and Technologies

ADDITIONAL INFORMATION

Job ID: HRD64233
Category: Engineering
Location: 3 George Constantinescu, Upground building, 5th floor (entrance A) District 2, Bucharest, BUCURESTI 020339 ROU

Honeywell is an equal opportunity employer. Qualified applicants will be considered without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, or veteran status.
