Security Analyst

Maintain, enhance, and execute in the areas of Incident Response, Threat Intelligence, Security Monitoring and Vulnerability Management.

The role supports Incident Response by bringing experienced, trained incident and problem management skills to the detection, containment, eradication, and recovery following accidental and malicious security events. In addition to the specialized training required, as part of the infrastructure service delivery organization, experience with ITIL and other control frameworks such as COBIT is required for cost reduction.

The role supports the Threat Intelligence service, including discovering threats from thousands of sources, understanding the threat landscape, keeping current with intelligence sources and news, discovering current, emerging or zero-day threats (e.g. Log4j), and responding following SOC processes.

The role supports the continual improvement of Security Monitoring, responding to alerts and data collected for investigation and identifying process improvements. As we defend our on-premises data centers and start to fully leverage cloud-based services (Microsoft O365, Azure, Oracle), every layer of the company’s security model faces additional opportunities for accidents and malicious actions that could result in data breaches or malicious actions.

“We not only live up to the expectations of our customers for today, but also anticipate their market needs of tomorrow.”

Essentials:

  • Deployment and support of SIEM or event management, monitoring and correlation solutions
  • Deep understanding of EDR and XDR solutions and layered security concepts
  • Vulnerability management and discovery tools
  • Integration of diverse security solutions, automation of processes/SOAR to improve SOC service levels
  • Development/script knowledge, advanced knowledge of Windows and Unix environments
  • Network security tools (Firewalls, IDS/IPS, DDoS mitigation)
  • Prior experience working in a SOC, SCIRT or related role