SoftServe is the largest Ukrainian IT company, a team of 8000+ thinkers and makers, true professionals and good people. We like what we do and do it well. For us, that means a lot.
25 June 2020

Senior Security Analyst (ID 53396) (vacancy inactive)


Together with our client, we are working on providing the best solution for the business.
Our client is the world’s largest travel site, operating at scale with over 700 million reviews, opinions, photos, and videos, reaching over 390 million unique visitors each month and covering approximately 7.7 million accommodations, airlines, experiences, and restaurants.
The client is well-known for having an extremely strong engineering organization; you’ll be working with the best, playing with cool toys and getting stuff done in the most impactful area of an incredibly profitable, growing company. They trust our engineers to come up with, implement, and take responsibility for their own designs. Engineers can take a flexible approach to their daily work.

Demonstrating fluency in the following areas:
• 3-5 years of previous Security Operations Center experience in conducting security investigations
• Bachelor’s Degree / Diploma or equivalent experience in a relevant area of study with a preference for Information Security, Computer Science or Computer Engineering
• Ability to turn manual processes into automated scripts using Python, Java, or similar languages
• Security monitoring experience with one or more SIEM technologies, ELK, IBM QRadar, LogRhythm, Splunk
• Proficiency in digital investigations including computer forensics, network forensics, malware analysis, and memory analysis
• Ability to analyze data, such as logs or packet captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents
• Strong understanding of networking protocols and basic networking concepts
• Being a self-starter who works independently and adjusts to changing priorities; a critical and strategic thinker, negotiator, and consensus builder
• Strong knowledge of IT including multiple operating systems and system administration skills (Windows, Linux, Mac)
• An understanding of security incident management, malware management and vulnerability management processes
• Upper-Intermediate English, both written and verbal
• Information Security professional certifications such as CISSP, CISM, CISA, GSEC, CEH are preferred

An opportunity to:
• Lead internal threat / unintended threat hunting/deception activities
• Act as the lead coordinator for individual information security incidents
• Execute red team activities to identify risks not found by existing security tools
• Define, create, and maintain SIEM correlation rules, custom build documents, security processes, and procedures. Follow ITIL practices regarding incident, problem and change management
• Automate manual processes to improve efficiency and accuracy of investigations
• Stay up-to-date with emerging security threats including applicable regulatory security requirements
• Conduct information security investigations arising from security incidents identified by level-1 security analysts monitoring the security consoles from the various SOC entry channels (SIEM, tickets, email and phone); act as a point of escalation for level-1 SOC security analysts in support of information security investigations, providing guidance and oversight on incident resolution and containment techniques
• Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, procedures) in support of technologies managed by the Security Operations Center
• Document incidents from initial detection through final resolution
• Participate in security incident management and vulnerability management processes
• Coordinate with IT teams on escalations, tracking, performance issues, and outages
• Work as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats
• Communicate effectively with customers, teammates, and management
• Provide recommendations in tuning and optimization of security systems, SOC security process, procedures, and policies

• Proactively detect advanced threats that evade traditional security solutions by using both manual and machine-assisted capabilities, aiming to find the Tactics, Techniques, and Procedures (TTPs) of advanced adversaries
• Participate in threat actor based investigations and internal red team activities, create new detection methodology and provide expert support to incident response and monitoring functions
• Use data analysis, threat intelligence, open-source intelligence, and cutting-edge security technologies to develop and execute hunting processes (manual and automated) that will identify threats and provide quick responses

