Job description
Offer valid until: 16/11/2017
Cybercrime and cyber-attacks against institutions are growing considerably in quality, quantity, and complexity, targeting both private industry and national critical infrastructure. A holistic approach across all security disciplines is required to mitigate them successfully. Successful attacks against organizations can result in significant disruption to business transactions, operations, and client activities, as well as regulatory scrutiny, reputational harm and brand damage. The purpose of the Security Operation Center is therefore to protect our own infrastructure, as well as our customers’ infrastructure, from cyber-attacks.
-Proactive protective monitoring and response of known and/or emerging threats against the network 24*7*365.
-Gather information about high-value assets, threat landscape, and breach exposure from a myriad array of sources.
-Perform data analysis in support of security event management.
-Reports to Security Operation Centre Manager.
-Perform Incident Management for lower rated incidents.
-Identification of electronic attacks from internal and external sources.
-Triaging of detected attacks and event escalation to the appropriate business area.
-Acting as 1st line point of contact for detected security incidents.
-Management and maintenance of security tools.
-Have the discipline and interpersonal skills to work well in a global environment, complementing teams in other locations.
-Works as part of a multidisciplinary team in the delivery of information security response services to the Group.
-Review events, including notification, escalation response and post incident review.
-Deliver the execution of triage controls to detect and prevent attackers from exfiltrating company information.
-Deliver recommendations and actions to improve the detection, escalation, containment and resolution of data security incidents.
-Conduct and perform information security incident response/management processes that encompass triage, investigation and response, based on CSIRT framework.
-Experience running a shift.
-Leadership & Coaching skills.
Because more than computing, People.
-1+ year working within a similar information security role.
-Experience with Windows, Mac OSX and Linux.
-Strong technical understanding of network fundamentals and common Internet protocols.
-Strong technical understanding of the information security threat landscape (attack vectors and tools, best practices for securing systems and networks).
-Strong technical skills in the following technologies:
  -SIEM tools (preferably LogRhythm).
  -Developing SIEM correlation rules.
  -Intrusion detection and prevention.
  -Firewalls and rule analysis.
  -Load balancers, routers and switches.
  -Wired and wireless infrastructures.
  -Email/web filtering technologies.
  -Deep packet analysis tools.
-Excellent understanding of security processes and technologies including Threat, Malware Analysis, Vulnerability Assessment, Security Monitoring.
-Strong written and oral communication skills, with the ability to articulate and explain security events to the team and stakeholders.
-Ability to perform static or behavioural analysis of malware.
-Penetration testing techniques and practices.
-Knowledge and experience working with PCI, ISO 27000 standards, ITIL.
-Forensics & Investigation Skills.
-Experience with ServiceNow.
-Experience with Identity and Access Management toolsets and processes.
Qualification/Certification requirements (Desirable)
-CISSP – Preferred.
-SANS Security Essentials (GSEC).
-SANS Hacker Tools, Techniques, Exploit and Incident Handling (GCIH).
-Cisco certification, e.g. CCSP.
-Bachelor’s Degree in Computer Science.
Shift and on-call allowance
Technology and IT
Category or level