Job description
Continuous selection process
The Getronics family is an ICT Services group consisting of the Getronics and Connectis brands. With an extensive history that extends over 125 years, the Getronics family has nearly 4,500 employees in 22 countries across Europe, Asia Pacific & Latin America, and has a complete portfolio of integrated ICT services for the large enterprise and public sector markets. This includes Workspace, Applications, Unified Communications, Data Centre, Cloud, Consulting, Partner Technology, Managed Services and Security.
Getronics is a leading member of the Global Workspace Alliance, a unique model that provides customers with a consistent IT service throughout the world, with one single point of contact and billing entity, delivering services to over 90 countries. The GWA manages 10m workspace assets globally, and was ranked number 3 by OVUM among other leading global vendors for workplace management.
Getronics supports its employees in becoming experts in their field through development by an in-house University and an internal recruitment program.
Cybercrime and cyber-attacks against institutions are growing considerably in quality, quantity, and complexity, targeting both private industries and national critical infrastructure. A holistic approach across all security disciplines is required to ensure that these are mitigated successfully. Successful attacks against organizations can result in significant disruptions to business transactions, operations, and client activities, as well as regulatory scrutiny, reputational harm and brand damage. The purpose of the Security Operation Center is therefore to protect ourselves as well as our customers' infrastructure from cyber-attacks.
-Proactive protective monitoring and response of known and/or emerging threats against the network 24*7*365.
-Gather information about high-value assets, threat landscape, and breach exposure from a myriad of sources.
-Perform data analysis in support of security event management.
-Reports to Security Operation Centre Manager.
-Perform Incident Management for lower rated incidents.
-Identification of electronic attacks from internal and external sources.
-Triaging of detected attacks and event escalation to the appropriate business area.
-Acting as 1st line point of contact for detected security incidents.
-Management and maintenance of security tools.
-Have the discipline and interpersonal skills to work well in a global environment, complementing teams in other locations.
-Works as part of a multidisciplinary team in the delivery of information security response services to the Group.
-Review events, including notification, escalation response and post incident review.
-Deliver the execution of triage controls to detect and prevent attackers from exfiltrating company information.
-Deliver recommendations and actions to improve the detection, escalation, containment and resolution of data security incidents.
-Conduct and perform information security incident response/management processes that encompass triage, investigation and response, based on CSIRT framework.
-Experience in running the shift.
-Leadership & Coaching skills.
Because more than computing, People.
-1+ year working within a similar information security role.
-Experience with Windows, Mac OS X and Linux.
-Strong technical understanding of network fundamentals and common Internet protocols.
-Strong technical understanding of the information security threat landscape (attack vectors and tools, best practices for securing systems and networks).
-Strong Technical skills in the following technologies:
-SIEM Tools (Preferably LogRhythm).
-Develop SIEM Correlation Rules.
-Intrusion Detection and Prevention.
-Firewalls & Rule Analysis.
-Load balancers, Routers and Switches.
-Wired and Wireless infrastructures.
-Email/Web filtering technologies.
-Deep Packet Analysis Tools.
-Excellent understanding of security processes and technologies including Threat, Malware Analysis, Vulnerability Assessment, Security Monitoring.
-Strong written and oral communication skills and ability to articulate and explain security events to the team and stakeholders.
-Ability to perform static or behaviour analysis of malware.
-Penetration testing techniques and practices.
-Knowledge and experience working with PCI, ISO 27000 standards, ITIL.
-Forensics & Investigation Skills.
-Experience with Service-Now.
-Experience in Identity Access Management toolsets and processes.
Qualification/Certification requirements (Desirable)
-CISSP – Preferred.
-SANS Security Essentials (GSEC).
-SANS Hacker Tools, Techniques, Exploit and Incident Handling (GCIH).
-Cisco Certification, e.g. CCSP.
-Bachelor’s Degree in Computer Science.
Technology and IT