Information Security Analyst

What you'll do

- Your job is to monitor and analyse security events resulting from defined threats and indicators of compromise, through the security platforms set up by the company (SIEM, UBA, EDR) and the analysis of system logs.
- To monitor and analyse phishing emails received in the company's phishing mailbox is fun for you.
- You'll manage the Incident Response process in accordance with company policies and you'll activate, where necessary, the escalation processes.
- In addition, you'll support, through security analysis activities, any operational requests related to the perimeter protection systems of the corporate resources (e.g. firewall policies, navigation profiles, etc.).
- Support the analysis and collection of evidence in the fields of anti-fraud, anti-piracy and Digital Forensics.
- You'll manage the issuance of SSL certificates in the PKI infrastructure for the company's internal structures and systems.
- Support the development of Detection & Response models and algorithms, using advanced analytical tools, in order to evolve and increase the company's security coverage.
- You'll support the operation of the Cyber & Information Security platforms, contributing to their evolution in terms of automation and orchestration capacity.
- Support the Threat Intelligence and Threat Hunting processes, in collaboration with the teams at local and group level.
- You'll define and manage the Incident Detection & Response processes.
- Your tasks also include supporting the design of architectures in the security field, with particular focus on functionalities in the Operation field.

What you'll bring

- You've a Master's degree in Cyber Security, Computer Science or Telecommunication Engineering (or equivalent) and proven experience in Security Operation Center activities, with a particular focus on SIEM, SOAR and TIP (e.g. Splunk, MISP, etc.).
- Good knowledge of methodologies and frameworks in the Security Incident Management area and excellent knowledge of the operating systems (e.g. Microsoft Windows, Linux RedHat/CentOS, Unix).
- In addition, you know communication networks, architectures, infrastructures and equipment in the Network Security area (Firewall, IPS, Balancer, WAF, VPN, etc.) and Cloud architectures (AWS, GCP, SFDC, Azure).
- You've good knowledge of PKI and cryptographic infrastructures and experience in managing endpoint protection architectures (both signature-based EPP and next-generation EDR) and Data Loss Prevention.
- Programming languages and reverse coding of applications and malware are no problem for you.
- Specific security certifications like GIAC GCIH, GIAC GCIA, AWS Cloud Practitioner, GCP Cloud Engineer are a plus.
- Ability to constructively and proactively interact with other structures, suppliers and stakeholders, respecting the needs of each role.
- You describe yourself as flexible, autonomous, proactive and highly assertive with a strong goal orientation.
- Good English skills are a matter of course for you.

Inclusion

We're proud to be an equal opportunity employer. It is important to us to provide a fair and equal workplace for everyone. We strongly believe that a culture of diversity allows us to grow together and encourages creativity and innovation. Therefore, we will consider all qualified applications - regardless of gender, nationality, ethnic and social origin, religion/belief, disability, age, sexual orientation and identity.