Built around a group of security architecture experts and pentesters in 2007, ITrust provides its customers with a high level of expertise and innovative solutions, which together enable them to significantly and continuously raise their security level over time.
25 November 2021

Security Engineer / SOC Analyst L3 (vacancy inactive)

remote

Required skills

You have secondary technical or higher education in IT and you already have significant experience of at least 3 years in IT security.
You speak technical English and/or French.
You have skills/knowledge on:
— Security tools (WAF, PROXY, FIREWALL, IDS, Anti-virus, Vulnerability Scanner, SIEM, Threat Intelligence, SOC Orchestration).
— LINUX/UNIX system administration.
— Analysis of system, network and application event logs.
— Log analysis or security monitoring solutions (SIEM)
— Scripts in Python
— Computer forensics
— Reverse engineering, malware analysis, evaluation of new solutions that can be integrated into the SOC
— Reporting, KPI

We offer

— Join an international company that provides possibilities for professional and personal growth
— Involvement in challenging, large-scale projects that have an impact on our customers
— Knowledge sharing in our young IT community
— Work as a subcontractor (you need to be registered as a private entrepreneur in your country)
— Remote work possibilities
— Competitive remuneration

Responsibilities

As part of the SOC team and under the supervision of the SOC Manager, you will be in charge of cybersecurity alerts escalated by Level 1 operators. You will analyze and investigate them in order to determine the criticality level of each alert.
You will conduct investigations and provide advice to customers as well as instructions to Level 1 & 2 operators.
You will need to apply and develop your knowledge on the following subjects:

Security Monitoring:
— Maintain the system in operational condition (SIEM platforms, forensic solution, IDS/IPS, vulnerability scanner)
— Analyze and process cybersecurity alerts
— Analyze, escalate and support the remediation of security incidents
— Communicate via alert notice
— Monitor system, network or security equipment
— Conduct investigations/analyses of logs and packet captures
— Set up a security monitoring system
— Conduct further investigations of detected incidents
— Analyze and process security alerts reported by supervisors
— Contextualize and qualify security incidents in a precise manner
— Write security incident reports
— Estimate the technical impact as a result of an incident
— Work to improve the detection capabilities of the service
— Participate in the development and maintenance of event correlation mechanisms and rules
— Take ownership of handling alert feedback from the detection center

Relationships with clients:
— Participate in committees with clients as a technical advisor
— Maintain a follow-up of the actions and activities detected
— Identify or develop log collection and analysis solutions for supervisory purposes
— Provide recommendations on security incidents to clients for incident management purposes
— Analyze and support the remediation of security incidents or feedback of security audits as well as determine the root causes
— Comprehensive analysis of attacker’s actions on the compromised perimeter
— Ensure communication with the teams working on the supervised sites
— Pre-sales support

Other:
— Propose the acquisition and integration of state-of-the-art analysis tools to respond to the problems encountered
— Participation in SOC improvement projects (tools, processes, increasing coverage of the SOC, etc.)
— Knowledge of attack methods and security technologies (SIEM, firewalls, IDS, ...)
— Participate in the improvement and development of the processes, procedures, and documentation of the service
— Work autonomously on your analyses and investigations
— Ensure a technical monitoring of log formats, event types, event correlation mechanisms and algorithms, as well as security supervision tools (SIEM, Security Information and Event Management)
— Contribute to the deployment of security supervision systems, their configuration and their correct functioning (tests, maintenance in operational conditions, support for analysts using these systems, etc.)
— Share the principles of customer-oriented service

About the project

If you are ready to get involved in the development of innovative technologies alongside a team of enthusiasts with diverse skills, send your resume to [email protected] or contact directly the responsible person:
Didenko Iryna
+380 63 33 76 974 (Viber, Telegram)
+33 6 01 46 36 22 (WhatsApp)
