Following threat intelligence feeds to extract knowledge of common exploits, vulnerabilities, and countermeasures.
Progressing and managing SIEM use case and playbook development in an agile manner, ensuring we continually adapt in response to the changing threat landscape and intelligence feeds.
Collaborating with our stakeholders on understanding data sources and use cases, and successfully translating requirements to actionable content.
Defining and implementing data visualization solutions, including appropriate dashboards, and reports.
Tuning, optimizing and assisting in the operation of the threat and vulnerability management technologies.
Threat Response – taking part in, and the ability to lead, a response to defeat identified cyber threats.
Collaborating with the various teams, resolver groups and device owners to ensure the timely remediation of Security Incidents and identified vulnerabilities.
Contributing to Security Improvement Plans
Contributing to security-related decisions being made within the account, ensuring compliance with Fujitsu Security Policy, standards, and industry best practice.
Undertaking risk assessments, articulating risk, and proposing appropriate mitigations to the risk managers and/or owners.
Taking part in transition and revision of existing documentation, and providing input to the respective teams responsible for document preparation.
Knowledge sharing and providing training for other team members.
Skills & Experience:
Knowledge of forensics – must have
Knowledge of multiple security-related subject areas such as firewalls, content filtering, proxy servers, systems hardening, IDS/IPS, endpoint protection or Managed Detection & Response, and threat intelligence
Strong analytical skills; ability to think flexibly and determine alternatives to problems that could arise during an incident
Understanding of Windows Security Event logs and Syslog
Understanding of Windows events and forensic artifacts
Requires analytical thinking and problem-solving skills.
Love of parsing and analyzing “always incomplete” logs
Familiarity with security attack vectors and detection
Knowledge of common Internet protocols and applications
Knowledge of Windows/Linux operating systems
Familiarity with the MITRE ATT&CK Framework
Ability to build and share security recommendations in line with the setup of the customer environment
Security professional certification, issued by security industry leaders
Experience in SIEM content development and tuning
Good communication skills, customer-oriented, with a structured, analytical approach
Fluent English (spoken and written)
Certificates that help you to stand out:
CISSP
CEH
GIAC (GCFA, GREM, GCFE, GCFR, etc.)
OSCP
What do we offer:
You will work in a collaborative, close-knit team
You will be encouraged to work smart and work in your own way
You will be a part of a leading global technology business
You will be trusted to deliver your work
Stable employment based on an employment contract
Opportunities to build a successful career path
Flexibility – we are open to dialogue; many positions allow part-time work or working from a home office