Senior Security Analyst in CSIRT (Forensic)

Role responsibilities: 

• Following threat intelligence feeds to extract knowledge of common exploits, vulnerabilities, and countermeasures. 
• Progressing and managing SIEM use case and playbook development in an agile manner ensuring we continually adapt in response to the changing threat landscape and intelligence feeds. 
• Collaborating with our stakeholders on understanding data sources and use cases, and successfully translating requirements to actionable content. 
• Defining and implementing data visualization solutions, including appropriate dashboards, and reports. 
• Tuning, optimizing and assisting in the operation of the threat and vulnerability management technologies. 
• Threat Response – taking part in, and ability to lead a response to defeat identified cyber threats. 
• Collaborating with the various teams, resolver groups and device owners to ensure the timely remediation of Security Incidents and identified vulnerabilities. 
• Contributing to Security Improvement Plans 
• Contributing to security related decisions being made within account, ensuring compliance with Fujitsu Security Policy, standards, and Industry best practice. 
• Undertaking risk assessments, articulate risk, and propose appropriate mitigations to the risk managers and/or owners.
• Taking part in transition, revision of existing documentation and ability to provide input to respective teams responsible for document preparation
• Knowledge sharing, providing trainings for other team members

Skills & Experience: 

• Knowledge in forensics - must have
• Knowledge in multiple security related subject areas such as - Firewalls, Content Filtering, Proxy Servers, Systems Hardening, IDS/IPS, Endpoint Protection or Managed Detection & Response, threat intelligence
• Strong analytical skills. Ability to think flexibly and determine alternatives to problems that could raise during an incident
• Understanding of Window Security Event logs and Syslog 
• Windows events and forensic artifacts understanding.
• Requires analytical thinking and problem-solving skills.
• Love in parsing and analysis “always incomplete” logs.
• Familiarity with security attack vectors and detection 
• Knowledge of common Internet protocols and applications 
• Knowledge of Windows/Linux operating systems 
• Familiarity with the MITRE ATT&CK Framework 
• Ability to build and share security recommendation in line with setup of customer environment
• Security professional certification, issued by security industry leaders 
• Experience in SIEM content development and tuning 
• Good communication skills, customer oriented and a structured, analytical approach
• Fluent English (spoken and written) 
• Certificates that help you to stand out:
• CISSP
• CEH
• GIAC (GCFA, GREM, GCFE, GCFR, etc.)
• OSCP

What do we offer:

• You will work in a collaborative, close-knit team
• You will be encouraged to work smart and work in your own way
• You will be a part of a leading global technology business
• You will be trusted to deliver your work
• Stable employment based on an employment contract
• Opportunities to build a successful career path
• Flexibility - we are open to dialogue – many positions allow working part time or home office
• A cafeteria plan, examples: sports events tickets, holiday finance, online shopping deals.
• Great atmosphere and a chance to work with inspiring people from all around the world
• Integration events and Corporate Social Responsibility projects
• Unlimited access to training platforms, Internal and external training
• Private medical care
• Sport cards (OK System, Benefit System) – access to sports facilities throughout the city
• Discounts for Fujitsu employees in many places throughout city