Hiring: Security Analyst
Job description
- Administer and monitor SIEM environment in order to detect suspicious events and anomalous activity.
- Perform security monitoring.
- Onboarding of alerts into the SOC.
- Create reports on gathered security data in order to provide visibility on the security posture to the different stakeholders.
- Support or contribute to the different levels of the incident response process in case of confirmed incidents.
- Support and contribute to the execution of incident simulation exercises for validation and improvement of the overall incident response capabilities.
- Operate and optimize security processes and tools.
- Maintain security records of monitoring and incident response activities.
- Produce situational and incident-related reports.
- Create, Modify, and Update Network Intrusion Detection Systems (IDS).
- Create, Modify, and Update Host Intrusion Detection Systems (IDS).
- Monitor network traffic to detect potential threats.
- Correlate actionable security events from various log sources and Threat Intelligence (TI).
- Track suspicious network, application, and user behavior.
- Investigate breaches, gather evidence, and analyze data.
- Participate in team problem solving efforts and offer ideas to solve the issues.
- Participate in implementing international IT and Information Security frameworks e.g. ISO 27001/27002, NIST, CIS CSC
- Participate in risk assessment activities
General qualifications:
- 3+ years of operational experience in Information Technology & Information Security.
- Good written and verbal communication skills in English
- University Degree in Computer Science, Computer Engineering or other relevant field.
- Certifications such as CEH, Security+, ISO 27K, SANS would be considered as an asset.
- Good interpersonal communication and presentation skills.
- Ability to be a team player.
- Ability to work effectively in multiple cultures and at a range of levels.
- Ability to constantly build up skillset using a mix of self-motivated and course based learning environment.
- Ability to work independently, proactively to see the big picture and work through solutions as needed.
- Good knowledge of Windows, Linux, databases (MySQL, NoSQL), antimalware, IDS and other security technologies.
- Basic understanding of virtualization and software-defined data center concepts.
- Knowledge of the OSI reference model and networking fundamentals (switching, routing, load-balancing, firewalling).
- Understanding of commonly used Internet protocols such as SMTP, HTTP, and DNS.
- Basic understanding of cryptographic functionality within such protocols would be of advantage.
- Familiar with Security Regulations and Standards.
Technical qualifications:
- Strong understanding of Information Security
- Good knowledge of NGFW, IDS/IPS, endpoint security etc.
- Deep Understanding of Risk Management Framework
- Familiar with Security Regulations and Standards.
- Deep knowledge of network security monitoring.
- Deep knowledge of host security monitoring.
- Good knowledge of Threat Intelligence.
- Experience with international IT and Information Security frameworks (e.g. ISO 27001/27002, NIST, CIS CSC) and ideally with IT audit practices is an advantage.
- Experience with SIEM or any other log analysis solutions.
- Experience with digital forensics and malware analysis would be an advantage.
Required skills
- Linux
- Security
- Databases
- MySQL
- NoSQL
Minimum work experience
- Three to six years
Gender
- No preference
Military service status
- Educational exemption, permanent exemption, or completed service