<    Volver a Ofertas

Ubicación

Sant Cugat del Vallès (España)

Sector

Internet y tecnología

Contrato

Indefinido

Salario

39000 – 50000 Bruto/año

We are looking for a CISOC Analyst to join one of the teams that Between has implanted in one of our main clients in the pharma sector.

 

You will work collaboratively to detect and respond to information security incidents, maintaining and following procedures for security event alerting and participating in security investigations.

 

Main duties:

1. Perform triage, investigation and hunting activities to identify and validate potential security incidents through:
-SIEM alert analysis and hunting activities:
     o It’s expected to actively work with SIEM solutions to perform:
        – Analysis of security alerts escalated from first level operation team
        – Hunting activities over stored logs searching for anomalous patterns and behaviors.
– Traffic capture analysis:
      o It expected solid understanding of common protocols and main protocol headers to perform packet capture analysis.
– Payload analysis:
      o It’s expected solid understanding of most common web attacks and capability to difference between actual attacks and false positives through payload analysis:
     o Common web attacks to know:
        – SQL Injection
        – Cross Site Scripting
        – Cross Site Request Forgery  
        – Local / Remote File Inclusion
        – Basic understanding of buffer overflow
        – Brute Force attacks
2. Perform Open Source Intelligence investigations regarding potential security incidents, vulnerabilities and threats.
3. Apply countermeasures on security layers for security incident containment
     o It’s expected to perform some platform management activities to adapt security policies to detect and block malicious or suspicious traffics to avoid further damage.
4. Analyze vulnerability scanner reports and report filtered information to technical teams for remediation
     o It’s expected capability to understand technical description of well-known vulnerabilities in common OS and applications.
5. Record activities in ticketing system
6. Generate security and activity regular reports
7. Manage small to medium sized projects, or play a key role within a large project team regarding security environment.

 

Además, trabajando para BETWEEN obtendrás los siguientes beneficios añadidos:

  • Posibilidad de formar parte de una empresa en pleno crecimiento a nivel nacional e internacional. Un buen lugar donde trabajar: cuidamos de nuestro equipo y la sociedad a través de iniciativas, programas de conciliación y de responsabilidad social corporativa
  • Te integrarás en un equipo de alto rendimiento y con un alto grado de especialización.
  • Dispondrás de oportunidades de formación y desarrollo profesional
  • Pondremos a tu disposición un amplio abanico de retos y proyectos acordes con tus objetivos personales y profesionales.
  • Posibilidad de elegir cómo obtener parte de tu salario gracias a las ventajas fiscales de nuestra Retribución Flexible, y descuentos para acceder a centros de fitness, entre otros
  • En BETWEEN,  la igualdad de oportunidades es uno de nuestros valores. Nuestro compromiso es contratar al mejor talentos independientemente de su raza, religión, sexo, edad y personas con otras capacidades y promover su desarrollo profesional y personal.

Requisitos

Required Professional Experience:

  • Professional experience of minimum 3 years providing services in a SOC in areas related to the activities described above.
  • Experience handling actual Security Incidents in enterprise environments (not only educational / training environments)
  • Experience working in a virtual, international and multicultural environment.

Required knowledge:

  •  Base understanding of Linux and Windows operating systems
               i.Components and architecture
               ii.File systems and storage
               iii.Identity and rights management
               iv.System processes
               v.System logs
               vi.Command line management
               vii.Network communication protocols
  • Solid understanding about security layers offered by common security systems:
               i.Firewalls
               ii.Intrusion Detection /Prevention systems
               iii.Web Application Firewalls
               iv.Antivirus and Advance Malware analysis systems
               v.Mobile Device Management systems
               vi.Data Leak Prevention
               vii.SIEM solutions
               viii.Disk encryption
               ix.Vulnerability Scanners
  • Solid knowledge in one scripting language (Python, PowerShell, Bash, Perl…)
  • Solid understanding of common networking protocols, vulnerability management and deep packet inspection technologies
  • Base knowledge of common system exploits
  • Base knowledge about network attacks
  • Knowledge about social engineering techniques      
                                                  




<    Volver a Ofertas