• 19/11/2021


    The detection analyst will be responsible for building on the existing ATT&CK-based managed playbook for the company's Security Operations Centre and developing it to the next level of maturity and capability. The analyst will support the day-to-day threat detection work of a team of analysts providing service to a wide range of clients in different industries, as well as the company's private/hybrid cloud services and internal IT.

    Client details

    ICT services group with a history of more than 100 years. The group has around 4,000 employees in more than 20 countries across Europe, APAC and Latin America, and offers a complete portfolio of integrated ICT services for the large enterprise and public sector markets. This includes Workspace, Applications, Unified Communications, Data Centre, Cloud, Managed Services, Smart Spaces and Security.

    Job description

    - Develop threat detection rules to identify modern attacker techniques and tactics, in close partnership with the threat intelligence, incident response, security analyst, security architect and infrastructure teams
    - Maintain the existing rule base to ensure effectiveness and efficiency, and apply lifecycle management to sunset rules when appropriate
    - Assess coverage against the ATT&CK framework to identify gaps and opportunities for improvement
    - Develop and maintain effective metrics
    - Support compliance use cases on request
    - Identify the need for, create and maintain lists as necessary to support correlation rules
    - Create dashboards to support specific use cases for threat detection and train analysts in their use
    - Provide advisory support to threat hunting activities, such as by developing efficient search queries
    - Develop detection strategies for existing and emerging business needs in partnership with business and IT teams
    - Analyse alert trends to drive improvement
    - Play an active role in maintaining and improving data collection and configuration management frameworks and documentation

    Candidate profile

    - Minimum two years' experience with SIEM technology, preferably LogRhythm, with a deep understanding of the AIE function
    - Experience with practical implementation of the MITRE ATT&CK framework, preferably in multi-tenant heterogeneous environments with a wide range of technologies and varying maturity levels
    - Strong understanding of the information security threat landscape, such as attack vectors and best practices for securing systems and networks
    - Competent with RegEx, Sigma, YARA, Snort, Zeek and TShark
    - Experience with performance tuning correlation rules to function well at scale
    - Strong communication skills and ability to write clear documentation
    - Fluent English, written and spoken
    - Structured and results-oriented way of working

    Desirable (one or more of the following):

    - Strong understanding of common log formats and parsing, including cloud technologies
    - Familiar with common operating systems and network fundamentals
    - Previous experience working as a security analyst
    - Experience with SOAR, UEBA, EDR, NDR or IDS/IPS technology

    Desirable qualification or certification:

    - SANS SEC511 Continuous Monitoring (GIAC GMON Certification)
    - LogRhythm Platform Administrator (LRPA)
    - Cloud certifications (AWS, Azure, other)
    - BSc/MSc in Computer Science or Security

    Job offer

    An exciting opportunity to join a team within a growing ICT services company with a global portfolio, as a Cybersecurity Detection Analyst in the SOC team.

    Salary: Bonus

  • 13/10/2021

    Catalunya, Madrid

    We are looking to expand our team of industrial software engineers for the automotive sector with a CYBERSECURITY ANALYST. We have in mind a degree-qualified engineer with around 5-7 years of experience, specialised in cybersecurity in the industrial field, with fluent spoken and written English. The analyst will join an international team of software engineers and industrial engineers, working remotely, on site, or a combination of both, as preferred.

    SCOPE:

    As a Cybersecurity Analyst you will help make the car of the future more secure. We work closely with our customers in the automotive industry in order to shape the next generation of cybersecurity systems.

    RESPONSIBILITIES:

    1. Being a knowledge source about cyber-threats and cryptography, among other cybersecurity topics
    2. Analyse system architectures for HW and SW systems, and provide input on cybersecurity topics prior to and during their implementation, throughout their lifecycle
    3. Perform vulnerability analysis and monitor cybersecurity implementations in projects
    4. Analyse customer requirements and contrast them against state-of-the-art technology
    5. Contribute to the validation of the SW and architecture of the features assigned to the team
    6. Participate in all the scrum ceremonies and be involved in the continuous improvement activities

    SKILLS:

    REQUIRED:

    1. Cybersecurity standards (ISO 21434, NIST SP.800, etc.)
    2. Cybersecurity requirements analysis
    3. Secure software development practices
    4. Cryptography and secure communications
    5. Secure software update procedures
    6. Risk analysis of automotive/embedded/IoT devices

    DESIRABLE:

    1. Autosar
    2. ASPICE
    3. QNX

    International and qualified environment. Remote work permitted. Salary: fixed + variable + benefits. Career progression.
