Cyber Security Operations Analyst
For our client, a large international leader in the financial market, we are searching for a Cyber Security Operations Analyst. The mission of the team is creating, implementing, and monitoring a global security framework that supports safe. The Cyber Security Operations Analyst team is responsible for defending the company's infrastructure and the sensitive data of millions of customers.
Right now, we are looking for a colleague who will stand at the helm of global IT Security projects, coordinating them and ensuring their successful implementation.
Your mission and daily tasks:
The Cyber Security Operations Analyst will be end-to-end responsible for the operations, development and continuous improvement of security systems across the company's worldwide scope. You will define and organize the implementation of the IT security policy in the related security and network security systems. You will also cooperate on and configure system security policies in areas such as SIEM, privileged access management and vulnerability management. This position is also responsible for developing the company's cyber defense: supporting the security monitoring team during the investigation and handling of security events and incidents, and helping to adopt a more proactive approach to identifying previously unknown or ongoing, unremediated threats within our organization's infrastructure. You will be in touch with colleagues from monitoring, and together you will create a map of risks.
Your options are almost endless: if you come up with something new and you convince our client that it has value, you may get full support and make things happen instantly.
- Real-world problems: You will be working on real cyber-security projects with real data from a worldwide organization.
- Mentoring: The client has resources in IT operations, cyber-security and management.
- Learning: If you grow, the client grows. Education is the best investment possible. Therefore, the client will offer you training, education resources and, most importantly, real-world experience alongside first-class experts.
- Experience in the IT security operations area (SIEM technology preferred)
- Fluent English, both spoken and written
- Excellent time management and communication skills
- Experience with building or operating a SOC is a plus
- Knowledge of IT security principles, systems architecture, security best practices and frameworks such as ISO 27000, ITIL and COBIT.
- Capability to write simple scripts in bash/python or any other scripting language
- Understanding of and practical experience with REST APIs and with writing regular expressions
- Knowledge of IT systems, technologies, cloud platforms (MS Azure) and networking (LAN, WAN and Internet network infrastructure, Unix-based systems and Windows systems).
- In-depth knowledge of at least a few IT security technologies, such as IT security and network monitoring (SIEM, NetFlow/sFlow/J-Flow etc.), DLP, IdM, PAM, IPS/IDS, vulnerability management, application firewalls etc.
- Good knowledge of logging pipelines built with tools like rsyslog, vector, fluentd or logstash. You must be familiar with how these tools are configured, scaled and integrated with other systems, such as cloud storage and SIEMs.
- Having a good understanding of recent attacker techniques, tactics, and procedures (TTPs) can help to develop a robust set of within our environment.