We are looking for a CISOC Analyst to join one of the teams that Between has placed with one of our main clients in the pharma sector.
You will work collaboratively to detect and respond to information security incidents, maintaining and following procedures for security event alerting and participating in security investigations.
Main duties:
1. Perform triage, investigation and hunting activities to identify and validate potential security incidents through:
- SIEM alert analysis and hunting activities:
o You are expected to work actively with SIEM solutions to perform:
- Analysis of security alerts escalated from the first-level operations team
- Hunting activities over stored logs searching for anomalous patterns and behaviors.
- Traffic capture analysis:
o A solid understanding of common protocols and the main protocol headers is expected, in order to perform packet capture analysis.
- Payload analysis:
o A solid understanding of the most common web attacks is expected, along with the ability to differentiate between actual attacks and false positives through payload analysis:
o Common web attacks to know:
- SQL Injection
- Cross Site Scripting
- Cross Site Request Forgery
- Local / Remote File Inclusion
- Basic understanding of buffer overflow
- Brute Force attacks
2. Perform Open Source Intelligence investigations regarding potential security incidents, vulnerabilities and threats.
3. Apply countermeasures on security layers for security incident containment
o You are expected to perform some platform management activities, adapting security policies to detect and block malicious or suspicious traffic and avoid further damage.
4. Analyze vulnerability scanner reports and report filtered information to technical teams for remediation
o The ability to understand technical descriptions of well-known vulnerabilities in common operating systems and applications is expected.
5. Record activities in ticketing system
6. Generate regular security and activity reports
7. Manage small to medium-sized projects, or play a key role within a large project team regarding the security environment.
In addition, by working for BETWEEN you will get the following added benefits:
Required Professional Experience:
Required knowledge:
To complete your application, BETWEEN needs to complete your registration on its website.