Hiring: Senior Security Analyst (Incident Responder)
Job description
About Snapp
Snapp is the pioneer provider of ride-hailing mobile solutions in Iran that connects smartphone owners in need of a ride to Snapp drivers who use their private cars to offer transportation services. We are ambitious, passionate, engaged, and excited about pushing the boundaries of the transportation industry to new frontiers and being the first choice of each user in Iran.
About the Role:
You'll primarily focus on refining the incident response process and coordinating the incident response during an incident. In addition to this, you will be helping the security team (Especially the SOC team) in their day-to-day activities to improve the company's overall security posture.
Responsibilities:
- Defining and refining the incident response process and playbooks based on NIST SP800 & MITRE Framework
- Helping in the detection and mitigation of cyber threats
- Mentoring junior team members in the process of incident response
- Collaborating in purple teaming, gap analysis, and tuning the detection rules
- Helping in the selection and implementation of incident response tools and frameworks
- Investigating, coordinating, and mitigating incidents
Qualifications:
- Good understanding of Windows & Linux security
- Good knowledge of cybersecurity concepts
- At least 2 years of incident response experience
- At least 4 years of experience in cybersecurity
- Experience in memory and network forensics
- Experience in Linux and Windows forensics
- Team player
- Problem-solving and critical-thinking abilities
- Experience with at least one SIEM platform
Nice to have:
- Knowledge of Kubernetes and Docker forensics
- Experience in malware analysis
- Experience with TI and SOAR platforms
- Experience with incident management systems
- Cybersecurity-related certificates
Required skills
- Linux
- SIEM
- Network security
Minimum work experience
- Three to six years
Gender
- Not important
Military service status
- Educational exemption, permanent exemption, or completed service