Oferta pracy

SOC Tier 3 Security Monitoring Analyst - Incident responder

Flint PolandO firmie

  • Kraków, małopolskie

  • Ogłoszenie wygasło miesiąc temu
  • Pełny etat
  • Specjalista (Mid / Regular)
Flint is a provider of professional services including: Specialist Consultancy, Managed Services Specialist Resourcing to the telecommunications and IT sectors.
 
For our client, worldwide leader in innovative IT and networking technologies, we are currently looking for:
SOC Tier 3 Security Monitoring Analyst - Incident responderNumer ref.: Ref. No.: CISCO-SMA3

Resposibilities:

  • Support day-to-day cybersecurity threat detection and incident response operations
  • Understand technology infrastructure and operational processes in order to enable a more effective incident response process
  • Communicate deep technical security threat & operations awareness across the Cyber division, to include the CISO and CIO
  • Benchmark IR processes and technology against industry
  • Maintain a catalogue detailing incident response processes, tools and functions
  • Develop, follow, and maintain ‘playbooks’ which provide a visual depiction of various operational Incident Response workflows
  • Identify and enhance processes where automation has the potential to improve efficiency
  • Support the Cyber Incident Management team in developing key performance indicators to measure success of the Incident Response team
  • Coordinate with various Information Security Officer teams in clarifying security risks, and roles and responsibilities related to ongoing Incident Response cases
  • Provide support to operational & cybersecurity strategy development
  • Provide SME-level guidance and direction on best practices for the protection of information
  • Maintain updated knowledge of best practices in cybersecurity Operations and Incident Response processes to identify and recommend new technologies and/or processes with the potential to enhance operations

Required skills:

  • Bachelor's Degree in fields such as Computer Science, Information Systems, and Engineering or military experience
  • Extensive technical experience in a Security Operations Centre or supporting an Incident Response Team
  • Significant experience in Network Management and Monitoring Tools and Utilities
  • Significant experience in Enterprise Network Security / Security Perimeters
  • Significant experience with TCP/IP protocol analysis
  • Significant experience with packet capture devices, syslog, netflow, application performance Management
  • Significant experience with cyber threat analysis and mitigation's
  • Very strong technical skills using a variety of COTS security tools (i.e. argus, wireshark, tcpdump, snort, helix, etc)
  • Experience programming in multiple languages (ie. writing analysis or response tools, automating repetitive processes, etc)
  • Ability to manage multiple simultaneous responsibilities
  • Strong ability to analyse complex information and data
  • Excellent problem-solving and conceptual thinking abilities, especially with technical troubleshooting
  • Very strong ability to develop and communicate recommendations to non-technical associates in business areas
  • Very strong and effective process management skills
  • One or more of the following recognised industry certifications (or equivalent); CEH, GCIA, GCIH, GISP,

Ogłoszenie archiwalne

Pracodawca zakończył zbieranie zgłoszeń na tę ofertę

Aktualne oferty pracodawcy