IT Security Consultant - Dell Secureworks - Bucharest, Romania
Bucharest, Romania
‎în urmă cu 23 ore

Key Responsibilities

This role will function as a Incident Response Consultant. You will receive investigations and respond to activity within the clients environment detected by SecureWorks Managed Security Services

In this position you will own / contribute to the investigation of high incidents, performing root cause investigations, determining the source of the threat, the extent to which client assets have been compromised, making recommendations for remediation, and assisting in the implementation

  • Develop, implement, and execute standard procedures for the administration, content management, change management, version / patch management, and incident lifecycle management
  • Prepare operational governance reports and present them to the business stakeholders and client representatives
  • Develop and review team training plans and facilitate career development for engineers of all seniority levels
  • Perform an advanced analysis of threat actors’ intrusion artifacts and using discovered data to enable mitigation actions of incidents within the network
  • Utilize in-depth technical knowledge to design complex detection procedures for the detection of threat actor’s behavior
  • Work as an internal subject matter expert for other departments, including internal teams
  • Requirements :

    Essential Requirements

  • 5+years of Information Technology experience with network technologies (CCNA, JNCIA certificationare desirable)
  • Experience around the SIEM processes, monitoring & collecting, escalation strategies, data source normalization, event reduction, threshold tuning, alert triggers, threat Intelligence, threat modeling, triage
  • Experience with reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, intrusion detection systems, system logs)
  • Solid and demonstrable comprehension of Information Security including malware, emerging threats, attacks, and vulnerability management
  • Knowledge requirements

  • Understanding of typical threat actor profiles, the typical indicators associated with these profiles, and be able to develop innovative techniques to detect malicious activity
  • Knowledge of tactics, techniques, and procedures associated with malicious activity
  • Able to correlate and aggregate information from all available data sources, security tools, and threat trends to identify attacks against the client network
  • Knowledge of forensic tools to identify anomalous and potentially malicious behavior
  • Able to perform network traffic analysis and design use cases based on the findings
  • Skills & Competencies

  • Performing analysis of security and infrastructure logs
  • Researching targeted threat groups and their tactics, techniques and procedures (TTP)
  • Programming with Python, C, C++, IA32 / 64 Assembly
  • Experience developing tools for malicious code analysis, network traffic analysis and the detection of malicious code on endpoint systems is a strong plus
  • Performing vulnerability and exploit research and analysis
  • Strong understanding of computer architecture and operating systems concepts
  • Thorough knowledge of information security components, principles, practices, and procedures
  • Thorough understanding of computer network exploitation (CNE) and computer network defense (CND) concepts
  • BA / BS in engineering / computer science or acceptable combination of education and experience required. Masters, PhD or other advanced degree preferred
  • Aplică
    Email-ul meu
    Făcând clic pe "Continuă", acord nevoo consimțământ de a procesa datele mele și de a-mi trimite alerte prin e-mail, așa cum este detaliat în policyApplicația de confidențialitate a lui neuvoo. Pot să-mi retrag consimțământul sau să mă dezabonez în orice moment.