استخدام Security Analyst

اسنپ | Snapp
تهران، تهران

Job description

Administer and monitor SIEM environment in order to detect suspicious events and anomalous activity.
Perform security monitoring.
Onboarding of alerts into the SOC.
Create reports on gathered security data in order to provide visibility on the security posture to the different stakeholders.
Support or contribute the different levels of the incident response process in case of confirmed incidents.
Support and contribute the execution of incident simulation exercises for validation and improvement of the overall incident response capabilities.
Operate and optimize security processes and tools.
Maintain security records of monitoring and incident response activities.
Produce situational and incident-related reports.
(Create, Modify, and Update Network Intrusion Detection Systems (IDS
(Create, Modify, and Update Host Intrusion Detection Systems (IDS
Monitor network traffic to detect potential threats.
(Correlate actionable security events from various log sources and Threat Intelligence (TI
Track suspicious network, application, and user behavior.
Investigate breaches, gather evidence, and analyze data.
Participate in team problem solving efforts and offer ideas to solve the issues.
Participate in implementing international IT and Information Security frameworks e.g. ISO 27001/27002, NIST, CIS CSC
Participate in risk assessment activities

General qualifications:

3+ years of operational experience in Information Technology & InformationSecurity.
Good written and verbal communication skills in English
University Degree in Computer Science, Computer Engineering or other relevant field.
Certifications such as CEH, Security+, ISO 27K, SANS would be considered as an asset.
Good interpersonal communication and presentation skills.
Ability to be a team player.
Ability to work effectively in multiple cultures and at a range of levels.
Ability to constantly build up skillset using a mix of self-motivated and course based learning environment.
Ability to work independently, proactively to see the big picture and work through solutions as needed.
Good knowledge of Windows, Linux, data bases (MySQL, no-SQL), antimalware,IDS and other security technologies.
Basic understanding of virtualization and software-defined data center concepts.
(Knowledge of OSI reference model and networking fundamentals (switching,routing, load-balancing, firewalling
Understanding of commonly used Internet protocols such as SMTP, HTTP, and DNS.
Basic understanding of cryptographic functionality within such protocols would be of advantage.
Familiar with Security Regulations and Standards.

Technical qualifications:

Strong understanding of Information Security
Good knowledge of NGFW, IDS/IPS, endpoint security etc.
Deep Understanding of Risk Management Framework
Familiar with Security Regulations and Standards.
Deep knowledge of network security monitoring.
Deep knowledge of host security monitoring.
Good knowledge of Threat Intelligence.
Experience with international IT and Information Security frameworks (e.g.ISO 27001/27002, NIST, CIS CSC) and ideally with IT audit practices is an advantage.
Experience with SIEM or any other log analysis solutions.
Experience with digital forensics and malware analysis would be an advantage.

تمام وقت

IT / DevOps / Server

۱۳۹۷/۱۰/۱۲ (منقضی‌شده)

مشاغل مشابه