SIEM (IBM QRadar preferable); Security Log Management tools (syslog-ng, rsyslog, logstash, graylog, etc.)
1+ years of experience in IT security is a MUST
Good understanding of computer networks (VLAN, IP addressing, security zones of trust, etc.)
Well-developed skills in OS (Windows and Linux) and cloud environments administration
Thorough knowledge of and previous experience with IDS/IPS; Web Security Proxy; WAF; DLP
Vulnerability Scanners; Malware and Endpoint Protection tools
Understanding of common types of security attacks (DNS cache poisoning, ARP spoofing, DDoS, XSS, CSRF, SQL Injection, etc.)
Basic scripting skills (Python, Perl, Bash, etc.)
Good command of English, proven writing and editing skills
Professional security certification would be an asset.
Monitor compliance of IT infrastructure nodes with applicable security requirements
Handle security vulnerabilities and risks in the IT environment
Set up triggers and review daily security events generated by SIEM, IDS and other security monitoring and threat intelligence tools
Prioritize and differentiate between potential intrusion attempts and false alarms
Handle security incidents as reported by individuals or automated systems
Administer and monitor dedicated security systems (SIEM, IPS/IDS, WAF, Firewall, Proxy, Antivirus, IAM/PAM, PKI, VPN, Log collection and analytics, etc.)
Administer and control data encryption
Process security-related requests.
Infopulse is broadening its core competency within the area of Cyber Security Services, SOC to be precise. Infopulse Ukraine welcomes talented Cybersecurity professionals to join our project as a Junior Cyber Security Analyst L1 for one of our valued Customers. We are looking for an experienced and responsible professional to be part of our expert team.
We research and analyze new cybersecurity threats and technologies for revealing them, and provide frameworks, processes and tools to prevent them from happening in our Client’s infrastructure.
The Junior Cyber Security Analyst L1 participates in SOC operations such as monitoring, incident investigation and escalation, conducts security checks, and produces security recommendations and/or tasks (tickets) for IT support to implement.