Descriere job

Job Description

Prevent intrusions using current security hardware and software
Triage, respond, and investigate security events across Azure, Sentinel, O365, Microsoft defender ATP, Azure ATP, MCAS, NSM, and AWS
Perform root cause analysis for security events
Participate in periodic proactive hunt sessions
Perform live response and document findings
Work with security products APIs
Write out and update response playbooks

Technical Qualifications

A bachelor’s degree in Computer Science, Engineering, Mathematics or related field, and a minimum of three (3) years of experience in an equivalent role (information security)
Technical expertise in multiple information security domains
Experience with Splunk is a must
Comprehensive experience designing, implementing, operating & troubleshooting traditional & cloud-based security services
Good understanding of the latest threat vectors such as data breaches, protocol weaknesses, account compromise techniques, malicious insiders, third parties compromise, APTs, and network attacks
Must know PowerShell, Python, or both
Familiar with the MITRE ATT&CK Framework

Soft Skills

Ability and drive to automate repetitive steps
Exercise critical and analytical thinking
Problem-solving skills
Attention to detail
Willingness to continuously learn and obtain Microsoft and AWS certifications

Benefits

Work with the latest cybersecurity technologies available
Opportunity to grow and develop as a professional
Be part of a highly-experienced team
Flexible working hours
Attractive salary