Cyber Security Analyst

We are looking for a Cyber Security Analyst to join the Cyber Security Operations Center (CSOC) as part of the threat detection and response team.

Responsibilities:

• Perform case triage, gathering additional information as needed to determine if the case warrants further investigation

• Gather and provide reliable information regarding investigation and threats related to observed activity in written and/or verbal form in case of customer calls or when high priority incidents occur that mandates CSOC to notify customers directly via phone

• Provide follow-up analysis and be communicative with customers via incidents escalated to them in case of upcoming questions, actions pending or performed by customers

• Correlate and analyze relevant security event, system log, network information and various information from security products

• Follow established processes for case investigation, maintaining proper case documentation and communication with customers and teams

• Collaborate with and support other team members in case investigations

• Identify and communicate practical ways that processes could be improved (or even automated) or that tools could be enhanced to get the CSOC on target faster and help deliver better results for our customers

• Contribute enhancing quality and reducing workload by taking actions on tuning activities such as tuning of false-positives, detection disposition enhancements and others

• Vigilantly protect customer data confidentiality and integrity

• Monitor for and report any issues with CSOC platform operations

• Maintain adherence to corporate and CSOC ethics, standards, processes, and procedures

• Contribute to the shift turnover reports to ensure an open information flow between shifts

• Develop and execute a plan for continuous learning with your leaders and/or mentor

• Work with your manager, team leads and senior team members on enhancing quality of case investigations by following determined methodologies of incident analysis, taking corrective actions on case investigations (if needed) and constantly develop skills and knowledge to meet the expectations of CSOC Cyber Security Analyst role and customer needs

• Be prepared to represent CSOC on various presentations and meetings in front of customers, partners or other internal or external stakeholders

Requirements:

• Excellent verbal and written communication

• Excellent problem-solving and technical skills

• Knowledge on malware identification, practical experience is a plus

• Fundamental understanding of TCP/IP, core application layer protocols and networking concepts

• Understanding and/or experience with Windows operating systems, Active Directory, and command line/PowerShell tools in an enterprise environment

• Understanding and/or experience with Linux/Unix operating systems and command line tools in an enterprise environment

• Fundamental knowledge in one or more of the following security technologies: EPP/EDR, Nextgen Firewalls, IPS, WAF, Proxy, DNS Security (experience is a plus)

• General understanding of common cyber-attack techniques and vectors

• Fundamental understanding of incident handing procedures in the Detection, Containment, Eradication and Recovery phases of Incident Response

• Knowledge of foundational security principles

• Strong analytical mindset with acute attention to details

• General understanding of modern adversary tactics, techniques and procedures

• Deep passion for cybersecurity and staying up-to-date with current threats, tools and techniques

• Flexibility – Willingness to deal with a high level of ambiguity and change and to pitch in where needed; because this is Cyber Security and change is the only constant.

• Scripting or coding skills in languages like JavaScript or Python not required but are a huge plus

• Ability to work as part of a diverse, global team

• Willingness to work flexible shift hours (later afternoon / evening shifts)

Education and Experience:

• Professional experience performing threat detection, threat analysis and cyber-security investigations in an enterprise environment is a plus

• Professional experience in the IT security industry is a plus

• A degree in a technical field (Computer Science / Computer Security / Cybersecurity / Computer Networking) or equivalent work experience is a plus

• Hold one or more of the following certifications (or currently working on): ISC2: SSCP; EC-Council: CEH; SANS: GICA, GCIH, GMON, GNFA, GFCA, GCFE; Cisco: CyberOps Associate, CyberOps Professional

Our offer:

• MultiSport Plus

• Group insurance

• Medicover Premium

• e-learning platform