Cyber Security Professional [Spain]

Cyber Security Professional, Spain Operations

Job Req ID: 16104
Posting Date: 17-May-2023
Function: Cyber Security
Location: Madrid, Spain
Salary: Competitive
Purpose Of Role:
The role holder will be responsible for the in-life delivery of a 24x7x365 commercial Cyber Security Operations Centre capability to specific customers' contractual SLAs, underpinned by specific KPIs.
These team members will perform their responsibilities on a 24x7x365 shift rota.
These team members will work with the existing security systems technologies and other core network security products.
As the basis of the Analyst profile definition, these team members must behave in line with their responsibilities and commit to delivering the highest quality:
  • Do not consider an investigation finished until the root cause of the security incident has been found.
  • Analyse deeply to obtain a full, end-to-end understanding of each security incident.
  • Do not close an investigation until all conclusions have been closed out. Show interest in knowing more.
  • Request all the support needed to ensure the security incident analysis has every element it needs and reaches the level of quality that guarantees customer satisfaction.
  • Commit to quality by detailing in the case report everything that shows the value of the work performed, and state it clearly to customers.
  • Continuously improve their own security analyst profile.

These team members must be fully aware of, and apply, BT Compliance Policies and CySOC Policies, which are more rigorous in terms of the BT Policy definitions of Confidential and Highly Confidential.
These team members will maintain relationships with people at an operational level, always under the BT code definitions referred to: support, respect and appreciate each other.
The general scope of the role covers the following aspects of the CySOC:
  • Pro-active monitoring of security events displayed in the security management consoles and systems, processing each event according to a well-defined procedure.
  • Incident detection and analysis, reporting, incident classification, and provision of incident reports to the customer using the systems defined to support the process.
  • Change management, with each change handled according to a well-defined procedure using the systems defined to support the process.
  • Analysis of security rules and policies before they are implemented.
  • Communicating with customers about security incidents and change management according to the procedures and timescales defined in the SLAs.
  • Escalating to the Security Specialist according to the defined process.
  • Supporting the delivery, implementation and end-to-end operation of a subset of an IT security service, and of a subset of the IT security strategy, policy, procedures, processes, systems, and threat identification and response that provide security services and solutions for, or on, security systems and infrastructure.
Key Responsibilities:
  • Manage the complete security incident process: detection, analysis, response and remediation.
  • For P1 and P2 security incidents and major global security incidents, apply immediate escalation as defined in the security incident process.
  • For CSRs and special interventions, ensure the roles defined in the change management process are involved.
  • Monitor and set the corresponding category of every security incident, identifying true positives and false positives based on the corresponding use cases in production.
  • Complete the process of:
    • Case registration in the ticketing system.
    • Initial event investigation.
    • Basic triage activities.
    • Interaction and communication with the customer during detection, analysis, response and remediation activities.
  • Ensure the quality of the response, supporting elements of the investigation and resolution as required, and where necessary report incidents involving potential or actual breaches of protective security compliance.
  • Responsible for keeping control of, and guaranteeing compliance with, the SLAs defined for every security incident type per customer.
  • Discipline and deep know-how in following the defined process and documentation to ensure the defined quality parameters.
  • Manage escalation to the Security Specialist and SSOM according to the measures defined for every security incident type.
  • Proactive initiative and anticipation in reporting improvements or process gaps detected.
  • Must progressively build the skills and dynamism to manage the systems and tools required to deliver the service with agility and ability.

Soft Skills:
  • Customer focus. Ability to meet the customers’ needs in line with the business requirements.
  • Result-orientation. Focusing on the objectives and the required outcomes of the processes while delivering a service.
  • Teamwork. Working with a cooperative and positive attitude in a group setting to achieve common goals.
  • Communication skills. Communicating effectively and efficiently while adapting to your audience and getting the message through as intended.
  • Logical thinking. Ability to comprehend and to oversee various aspects of a problem or a situation.
  • Taking ownership. Taking responsibility for, and taking care of, the consequences of decisions.
  • Analytical mindset. Using all data and information available to analyse and understand a situation, with the aim of supporting decisions.
  • Attention to detail. Focusing on all aspects and details of a task and delivering your output with a high level of accuracy.
  • Ability to think outside the box, considering related environments and understanding the roles/responsibilities of related stakeholders (mainly the customer).
  • Languages: fluent Spanish and English. Other languages will be recognised as an advantage.
Skills/Experience:
  • Knowledge of Security management, network and information security, people security and running of one or more services within a Security Operations Centre.
  • Deep Knowledge:
    • Knowledge of the TCP/IP protocol suite, DHCP, DNS, LAN/WAN, and Operating System concepts.
    • Network security knowledge including remote access, DMZ architecture, network monitoring, intrusion detection, and web server security.
  • Minimum of 1 year of experience in security operations, preferably in CySOC teams or equivalent CNOC/NOC teams that handle security incidents and investigations, and a quick understanding of the logic and application of use cases.
  • Knowledge of security SIEMs and Security Logs Management:
    • Preferred SIEM systems: QRadar, LogRhythm, Sentinel, McAfee and Splunk.
    • Other preferred SIEM systems: ArcSight, FortiSIEM and Syslog.
  • Knowledge of security EDR:
    • Preferred EDR solutions: CrowdStrike, Palo Alto (Cortex/Traps), Microsoft Defender Advanced Threat Protection, SentinelOne and VMware Carbon Black.
    • Other preferred EDR solutions: Check Point SandBlast, Symantec, Bitdefender, McAfee MVISION.
  • Demonstrated knowledge of phishing and fraud, based on fraudulent email analysis and management of dedicated tools for this purpose, such as:
    • FireEye ETP
    • Forcepoint
    • Proofpoint
    • Cisco Email Security
    • Symantec Email Security.

  • Other preferred skills:
    • Demonstrate experience working with commonly used malware sandboxes.
    • Good understanding of memory forensics, exploits, & attacks.
    • Good understanding of open-source penetration testing tools.
    • Understanding of cyber threats and how intelligence is used by security appliances and operators.
    • Understanding of host and network forensic artifacts and indicators of compromise.
    • Good understanding of intelligence sharing formats and working with IOC & IOA in their different exchange formats.
    • Understanding of UEBA based on threat anomaly detection and investigation, or the equivalent in NDR solutions.


Business Impact:
The responsibilities of these team members have a direct impact on customer satisfaction, which depends on delivering the contracted and expected level of service; their contribution therefore comes from their influence in keeping the customer satisfied with the service delivered, which in turn creates the opportunity to renew current contracts or add new contracted services.
  • Keep control to guarantee that the KPIs of the security incident management, change management and customer communication processes are met, underpinned by a deep awareness of the contractual customers' SLAs/SLOs.
  • Ensure the quality of the security incident management, change management and customer communication processes in line with the quality assurance definitions.

Qualifications:
  • Higher-level vocational training cycle:
    • Title of Higher Technician in Network Computer Systems Administration.
    • Degree of Higher Technician in Multiplatform Application Development
    • Title of Higher Technician in Web Applications Development
    • Degree of Higher Technician in Telecommunications and Computer Systems
    • Degree of Higher Technician in Electronic Maintenance
    • Specialization Course in Cybersecurity in Information Technology Environments.

  • Technical or higher degrees or engineering:
    • Computer Engineering and specializations.
    • Telecommunication Engineering and specializations

  • Additional valuable Certifications:
    • CompTIA Security+
    • CEH
    • OSCP
    • CCNA Security
    • EDR (Endpoint Detection & Response) technology certifications
    • SANS Certifications
  • Recognised technical qualification or accreditation in field of security specialism.
