Basic Information
Ref Number
Last day to apply
Primary Location
Država
Job Type
Work Style
Description and Requirements
- 6 to 8 years of relevant previous experience working in a Security Operations Centre and conducting security investigations
- Strong knowledge of security incident management, malware management, and vulnerability management processes
- Solid understanding of IT, including multiple operating systems and system administration skills (Windows, Linux)
- Basic understanding of public (AWS, GCP, Azure) and private (VMWare) cloud
- Strong knowledge of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP
- Previous experience with security technologies such as SIEM, EDR/XDR, SOAR, IDS/IPS, WAF, and NextGen Firewalls
- Analytical thinker who can assess circumstances and determine the appropriate course of action based on urgency
- Ability to adapt quickly to an ever-changing, dynamic Security and IT industry.
- Team player who can also work independently with minimal supervision.
- Professional verbal and written communication skills - capable of contributing to Knowledge Management
- Polite, respectful to others, professional.
Additional Job Description
- Monitor and analyze security alerts and participate in security incident management and response
- Participate in evaluating, recommending, implementing, responding, and troubleshooting security solutions
- Perform tuning and optimization of security systems (SIEM, EDR, SOAR, WAF, IDS/IPS)
- Follow ITIL practices regarding incident, problem, and change management
- Create and maintain build documents, security procedures, and processes including Incident management and incident response playbooks
- Stay up-to-date with emerging security threats including applicable security requirements Review and analyze identified threats, risks, and findings generated from vulnerability analysis tools and work with stakeholders to mitigate vulnerabilities Act as a first responder or escalation point, depending on incident severity, following Incident Response Playbooks
- Periodically expected to work off-hours to support deployments, system upgrades, and respond to security events
- Conduct threat-hunting activities to identify potential threats proactively. Integrate threat intelligence feeds into security monitoring tools to enhance threat detection. Stay updated on adversaries' latest threat landscape, tactics, techniques, and procedures (TTPs).
EEO Statement
