Security Analyst Duties:
• Align security alert review and analysis to prescribed Managed Security
Services Operations Playbook
• Conduct introductory analysis into security breaches at customer sites using
high-‐fidelity alerts and tools
• Review alerts generated by: security detection tools, correlate with device logs, and other forms of available telemetry
• Interpret the above data in the security analysis process
• Maintain up-‐to-‐date information in alert handling tools
• Where Customer SLA governs timing, the Analyst must work within the timing bounds to acknowledge and resolve alerts
• Vigilantly protect Customer data confidentiality and integrity, ensuring proper handling and protection electronically, physically, and verbally
• Work in assigned shift and ensure shift is covered personally.
• Document best practices with the SOC staff using available collaboration tools and workspaces
Desired Technical Skills and Qualifications:
• Working knowledge of the Windows operating systems
• Working knowledge of Linux/UNIX operating systems
• Experience with Snort or other open source intrusion detection tools
• Working knowledge of Next-‐Generation Intrusion Prevention System
• Detailed understanding of the TCP/IP networking stack
• Working knowledge of NetFlow technology
• Working knowledge of Full-‐Packet Capture technologies
• Understanding of the typical client-‐side and server-‐side attack chain at the Network and Endpoint level
• Understanding of modern malware threats
• Understanding of the common Network Security technologies and products in the Campus, Data Center and Internet Edge.
Desired Experience and Certifications:
• BS in a technical field (Computer Science / Computer Security / Cybersecurity/ Computer Networking preferred) or equivalent
• 2+ years of professional experience in the IT security industry(can substitute with own security research, formal cybersecurityeducation and university studies)
• SOC operations environment experience
• Sourcefire Certified Professional (SFCP)
• CCNA Security certification
• GCIA or GCIH certification
• Wireshark Certified Network Analyst certification a plus
• CompTIA Linux+ and Security+ certifications a plus
Additional Skills
• Self-discipline to work according to playbook and time requirements
• Passion for cybersecurity and staying up-‐to- date with current threats, tools and techniques
• Can-‐do attitude, thinking outside of the box
• Willingness to learn new security technologies, products and incident analysis and response approaches
• Strong collaborative skills and openness to work in a diverse multinational team of security professionals
We offer:
- Attractive salary
- Private healthcare
- Multisport card
- Enthusiastic and positive work atmosphere
- Work in the international environment
