Security Analyst (ID:8879) (вакансія неактивна)

• At least 3 year of professional experience with IT and Network Security products and services, at least one year of professional experience with SIEM platforms and of doing security analytics
• Experience with Security Information and Event Management (SIEM) tools like Splunk, ArcSight, QRadar, etc.
• Knowledge and experience with Unix-like/Microsoft operating systems (where you have practical experience hardening them and solid understanding of how they work)
• Knowledge of IT and Network Security principles, techniques and technologies
• Practical knowledge of security systems on the market (eg. Firewall, DMZ, SSL/IPSec VPN, Proxy, Remote Access, PKI ...)
• Expert knowledge of Networking protocols and technologies, e.g. TCP/IP, Firewalls, NGFW, Routers, etc.
• Application security and general information security knowledge (eg. XSS, buffer overflow, URL tampering, SQL Injection, DDoS, Botnets, ...)
• Programming and/or scripting skills in any of the following: Python, Php, Bash, Powershell, Java
• Proficiency in written and spoken English

• Experience with Vulnerability scanners like Nessus, MVM, Qualys, etc.
• Experience with IDS/IPS solutions (Security Onion, Snort, Cisco IPS, NGIPS)
• Solid experience in programming/scripting
• IT Security Certifications like CISSP, CISM, CISA, CEH, GCIH, GCIA, OSCP, etc.
• University degree in Information Technology, ideally IT Security related

We offer the opportunity to cooperate in professional and challenging environment in telecommunications sector. The prospective candidate will have an opportunity to join BICS team on both national and international levels.

• Perform various security related tasks according to standard operating procedures
• Participate on interconnecting the SIEM tool with sources of security incidents — e.g. logs from servers and applications, IDS/IPS, network and security devices, Vulnerability Management system, Antivirus system, etc.
• Build new use cases and enhance already existing ones, create alerts and monitoring dashboards, build reporting and SOC’s KPI
• Develop and fine-tune security processes and procedures
• Actively detect and identify security weaknesses and determine the required remediation plan
• Dealing with improvements and/or automation of existing tooling (look into evaluation and selection of new tools and supporting assets)
• Perform security incident analysis and recommend remediation steps
• Participate in automation of the incidents prioritization and false positives identification
• Act as a first-line contact point for various security consultations