Cyber Security Operations Expert
București, RO
1 day ago
source : jobs4it

Department: IT

Overview: Cyber Security Operation Expert is the primary defense component when a security incident is confirmed, with overall responsibility for defining and executing the Incident Response lifecycle and remediation activities as a part of Incident Handling.

The role of our new colleague is:

  • to integrate the SIEM with critical business functions and to perform SIEM administration and analytics (design and implementation of use cases plus maintenance);
  • to conduct technical analysis to determine impact, scope, and recovery options from actual or potential cyber incidents;
  • to employ digital forensics tools and techniques where required to support Cyber Incident Response activities.

The candidate will document the results of threat analysis and any subsequent remediation and recovery in a consistent manner, will present the incident report to involved parties, and will write and distribute Lessons Learned technical articles for knowledge sharing.

The Cyber Security Operation Expert will have engineering responsibilities: to define and implement advanced solutions that answer security and cyber-security threats, and to extend Security Operations Center activity to areas not yet covered.

The candidate should possess deep knowledge in:

  • OS Linux
  • Integrated security architectures, technologies and security methods
  • Malware analysis, vast experience with cyber security threats
  • Vast experience with security high end technologies
  • Experienced with analysis and incident response
  • SIEM operations and administration
  • Penetration tests, ethical hacking
  • Scripting and programming skills (e.g. Python, Ruby, JavaScript, C / C++, PHP)
  • Automation skills and automating tasks
  • Professional team player, passionate about security
  • Security qualifications and certifications will be highly appreciated

Responsibilities:

  • Integrate, administrate, maintain and develop the SIEM platform
  • Perform the Cyber Security Incident Response life cycle (preparation; detection and analysis; containment, eradication and recovery; post-incident activity)
  • Prepare reports on the identified threats or incidents together with the associated recommendations; perform the follow-up to implement the recommendations
  • Assess Cyber Security risks and analyze potential mitigation strategies to reduce the exposure (Use Cases, Scenarios)
  • Detailed analyses of various security event sources (FW, IDS, PROXY, AD etc.)
  • Act as the interface with other IT / Network and business departments regarding Cyber Security incidents
  • Perform on call activity
  • Provide support to L1 analysts inside the Security Operations Center
  • Carry out studies and research on intrusion detection methods
  • Participate in the implementation and improvement of the specific tools associated with the Security Operations Center ecosystem
  • Investigate, propose and develop automated methods for detection and malware analysis
  • Participate in the implementation and development of specific business security models, acting as a security adviser
  • Define preventive actions and needed operations, as a leader of security improvement activities
  • Keeping up to date with industry trends and technology
  • Perform and present security audits, specific IT penetration tests, vulnerabilities exploitation

Thank you!

Contract: Regular
