- Your job is to monitor and analyse security events resulting from defined threats and indicators of compromise, through the security platforms set up by the company (SIEM, UBA, EDR) and the analysis of the system logs
- Monitoring and analysing phishing emails received in the company's phishing mailbox is fun for you
- You'll manage the Incident Response process in accordance with company policies and you'll activate, where necessary, the escalation processes
- In addition, you'll support, through security analysis activities, any operational requests related to the perimeter protection systems of the corporate resources (e.g. firewall policies, navigation profiles, etc.)
- Support the analysis and collection of evidence in the fields of anti-fraud, anti-piracy and Digital Forensics
- You'll manage the issuance of SSL certificates in the PKI infrastructure for the company's internal structures and systems
- Support the development of Detection & Response models and algorithms, using advanced analytical tools, in order to evolve and increase the company's security coverage
- You'll support the operation of the Cyber & Information Security platforms, contributing to their evolution in terms of automation and orchestration capacity
- Support the Threat Intelligence and Threat Hunting processes, in collaboration with the teams at local and group level
- You'll define and manage the Incident Detection & Response processes
- Your tasks also include supporting the design of architectures in the security field, with particular focus on functionalities in the Operation field
What you'll bring
- You have a Master's degree in Cyber Security, Computer Science or Telecommunication Engineering (or equivalent) and proven experience in Security Operation Center activities, with a particular focus on SIEM, SOAR and TIP (e.g. Splunk, MISP, etc.)
- Good knowledge of methodologies and frameworks in the Security Incident Management area and excellent knowledge of operating systems (e.g. Microsoft Windows, Linux RedHat/CentOS, Unix)
- In addition, you know communication networks, architectures, infrastructures and equipment in the Network Security area (Firewall, IPS, Balancer, WAF, VPN, etc.) and Cloud architectures (AWS, GCP, SFDC, Azure)
- You have good knowledge of PKI and cryptographic infrastructures and experience in managing endpoint protection architectures (both signature-based EPP and next-generation EDR) and Data Loss Prevention
- Programming languages and reverse coding of applications and malware are no problem for you
- Specific security certifications like GIAC GCIH, GIAC GCIA, AWS Cloud Practitioner, GCP Cloud Engineer are a plus
- Ability to interact constructively and proactively with other structures, suppliers and stakeholders, respecting the needs of each role
- You describe yourself as flexible, autonomous, proactive and highly assertive with a strong goal orientation
- Good English skills are a matter of course for you
Inclusion
We're proud to be an equal opportunity employer.
It is important to us to provide a fair and equal workplace for everyone. We strongly believe that a culture of diversity allows us to grow together and encourages creativity and innovation. Therefore, we will consider all qualified applications - regardless of gender, nationality, ethnic and social origin, religion/belief, disability, age, sexual orientation and identity.