Please send us your CV; we will contact you if the project is resumed or a similar position opens.
Job description:
- Respond to cyber incidents, as escalated by the SOC and TOC.
- Act as escalation and incident handler for potential incidents identified by SOC analysts.
- Evolve SOC run-books and SOPs through constant feedback and iterative improvement.
- Collaborate effectively with business SMEs to contain and resolve security incidents.
- Conduct investigations on infrastructure through forensic analysis to identify Indicators of Compromise (IOCs).
- Establish priority and urgency on a wide range of potential incidents and react accordingly.
- Assist with post-incident activities.
- Maintain incident reporting and communication strategy with senior infosec and business leadership.
Job requirements:
- One or more of the following certifications required: GSEC, GCIH, SSCP, CCSP, CISSP-ISSEP, CEH, GCIA, GISF, Security Plus, Network Plus preferred; 3-5 years of experience and demonstrated knowledge accepted in lieu of certification.
- Strong time management and organizational skills required.
- Strong customer service, communication, and presentation skills required.
- BS degree in computer science or computer engineering preferred; will consider applicants with equivalent work-related experience with a minimum educational requirement of a high school diploma or GED equivalent.
- High degree of familiarity with all aspects of the incident response lifecycle.
- 3+ years of progressive experience with increasing responsibilities within a Security Operations environment.
- Good understanding of the threats faced by direct to consumer and digital platform organizations.
- Hands on technical experience with cloud infrastructure and concepts, specifically the security aspects thereof.
- Hands on technical experience with application security topics such as the OWASP top 10.
- Hands on technical experience with SIEM & logging tools (Splunk, Kibana, Qradar) and the ability to extract actionable intelligence from large volume aggregated log storage.
- Hands on technical experience with SOAR Platforms and the concepts of runbooks and automation.
- Working knowledge of network TCP/IP protocols.
- Working knowledge of network security systems such as next gen firewalls, SSO brokers and software defined network infrastructure.
- Hands on technical experience with open source and proprietary threat intel tools such as Shodan, VirusTotal, etc., and how they fit into intelligence gathering.