Posted 9 October
This offer no longer accepts applications
Working hours
Not specified
Contract type
Not specified
Salary
Salary not specified
Minimum education
Not specified
Level
Not determined
Number of vacancies
1
Job description
  • Professional career path development
  • International team

ICT services group with a history spanning more than 100 years. The group has around 4,000 employees in more than 20 countries across Europe, APAC and Latin America, and offers a complete portfolio of integrated ICT services for the large-enterprise and public-sector markets: Workspace, Applications, Unified Communications, Data Centre, Cloud, Managed Services, Smart Spaces and Security.

Responsibilities
  • Develop threat detection rules to identify modern attacker techniques and tactics in close partnership with the threat intelligence, incident response, security analysts, security architects and infrastructure teams

  • Maintain existing rule base to ensure effectiveness and efficiency and apply lifecycle management to sunset rules when appropriate

  • Assess coverage against ATT&CK framework to identify gaps and opportunities for improvement

  • Develop and maintain effective metrics

  • Support compliance use cases on request

  • Identify need for, create and maintain lists as necessary to support correlation rules

  • Create dashboards to support specific use cases for threat detection and train analysts in their use

  • Provide advisory support to threat hunting activities, such as by developing efficient search queries

  • Develop detection strategies for existing and emerging business needs in partnership with business and IT teams

  • Analyse alert trends to drive improvement

  • Play an active role in maintaining and improving data collection and configuration management frameworks and documentation


An exciting opportunity to join a team within a growing ICT Services company with a global portfolio, as a Cybersecurity Detection Analyst in the SOC team.




Minimum requirements
  • Minimum two years' experience with SIEM technology, preferably LogRhythm, with a deep understanding of its AI Engine (AIE) function

  • Experience with practical implementation of the MITRE ATT&CK framework, preferably in multi-tenant, heterogeneous environments with a wide range of technologies and varying maturity levels

  • Strong understanding of the information security threat landscape such as attack vectors and best practices for securing systems and networks

  • Competent with RegEx, Sigma, YARA, Snort, Zeek and TShark

  • Experience with performance tuning correlation rules to function well at scale

  • Strong communication skills and ability to write clear documentation

  • Fluent English, written and spoken

  • Structured and results-oriented way of working



Desirable - one or more of the following

  • Strong understanding of common log formats and parsing, including cloud technologies

  • Familiar with common operating systems and network fundamentals

  • Previous experience working as a security analyst

  • Experience with SOAR, UEBA, EDR, NDR or IDS/IPS technology



Desirable Qualification or Certification

  • SANS SEC511 Continuous Monitoring and Security Operations (GIAC GMON certification)

  • LogRhythm Platform Administrator (LRPA)

  • Cloud certifications (AWS, Azure, other).

  • BSc/MSc in Computer Science or Security


