
    Senior Cybersecurity Analyst - București, România - Smarttech247

    Smarttech247
    Smarttech247 București, România

    1 week ago

    Full time
    Description

    Smarttech247 Cybersecurity SOC Team is looking for senior security analysts. No matter how sophisticated attacker behaviors become, Smarttech247 Cybersecurity will help enterprises detect, investigate, and respond to advanced attacks and data breaches on their networks.

    Our team uses deep knowledge of the attacker landscape and high-level security tools, ensuring that Smarttech247 Cybersecurity customers are well-equipped to quickly respond to threats identified in their unique environments.


    ROLE DESCRIPTION SUMMARY:
    The position is responsible for monitoring and analyzing security events from multiple sources and for managing security incidents to ensure a coordinated, timely, and effective response to security incidents.

    He/She supports key security management processes by providing intelligence from security incidents, identified vulnerabilities and threats.

    MAIN RESPONSIBILITIES:
    Collect, monitor, and analyze security information from different information resources to identify relevant threats, vulnerabilities, and security incidents within the client's environment;
    Perform in-depth technical analyses of security threats and incidents, including malware analysis, and network and system forensic analyses;
    Assess and triage security incidents, and coordinate the appropriate notifications and escalations in a timely manner;
    Manage security incidents to ensure a coordinated, timely, and effective response to security incidents;
    Document security incidents, including analysis results, the timeline of events, and incident response activities;
    Provide synthesized intelligence from different information resources and security incidents to support key security management processes, such as the development and promotion of information security policies, standards, processes, and procedures and monitoring compliance to the information security policy framework;

    Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security.


    COMPETENCIES:
    Experienced English user;
    Really good knowledge of all operating systems (Windows, Linux, macOS, Android, iOS...);
    Really good knowledge of networking security tools and devices;
    Good research skills and impressive attention;
    Passionate about threat hunting and investigating;
    Good knowledge of administering the following security tools will be an advantage: IBM QRadar, Swimlane, Proofpoint (TAP, TRAP, and Enterprise Security), Office 365 Security Toolset, Defender ATP, SentinelOne, CrowdStrike, Tanium, Azure AD, Microsoft CASB, Palo Alto firewalls (Minemeld), Microsoft Intune, Trend Micro Products;
    Excellent experience in managing large and small-scale incidents;
    Innovative mind;
    Strong analytical and problem-solving skills;
    Stress resistant and able to manage multiple incidents and tasks at the same time;
    Good written and verbal communication skills;
    Excellent team player;
    Ability to effectively interact with all organization stakeholders.


    Required qualifications:
    3-5 years in a technical role in the area of Cybersecurity, Networking, Threat Intelligence, and Cyber Incident Response;
    At least 2 years of experience with QRadar, Splunk and CrowdStrike is mandatory; knowledge of tools such as Proofpoint Protection, Tanium, Azure, Armis, and Microsoft Defender would also be a great advantage;
    Experience analyzing attacker techniques that leverage email and cloud-service tactics;
    Excellent experience managing large and small-scale incidents;
    Experienced in analyzing network traffic for indicators of compromise;
    Good experience in analyzing and triaging security events from various sources;
    Excellent understanding of the tools and tactics used by different threat agents;
    In-depth knowledge of computer forensics, security vulnerabilities, and exploits;
    Strong knowledge of system security, application security, and network security;
    Advanced knowledge of operating system internals and security mechanisms;

    Solid working knowledge of security technologies, such as Antivirus, Network and Host Intrusion Detection Systems, Web Proxy/Content Filtering, Authentication technologies, Security Information and Event Management.

    Benefits

    SOC Analysts at Smarttech247 have opportunities for mentorship from more senior members of the team, and involvement with maturing procedures, evaluating new security technologies, and incident response;
    Meal tickets;
    Health insurance;
    Medical assistance in a private network;
    Partial benefit at 7card.
