Security Operations Analyst

Job Description

Date: Feb 7, 2020We are now looking for a 2nd Level Security Operations professional for our Managed Security team. This position includes security event analysis, threat assessment, security incident response strategy and coordinating all cybersecurity-related investigations and incident response in partnership with the respective stakeholders within Ericsson and / or customer organization and / or 3rd Party Providers. This position will also be responsible for vulnerability management, penetration testing, and support user access management, anti-malware/anti-virus tools, HID, DLP and data encryption as required. The professional will work alongside a highly skilled, diverse team, making sure that the information assets, that we are responsible to protect, are secured.Main Accountabilities - you will:

• Perform Security Incident Management, including but not limited to: supporting SIEM tools, integrating logs into the tool, creating & modifying rules, investigating and resolving alerts, automating tasks
• Perform Vulnerability Management, including but not limited to: supporting scan tools, executing vulnerability scans, performing analysis, recommending / tracking mitigations
• Perform static and / or dynamic code scanning and / or web scanning, analyze results, and provide detailed and executive reports with the results and options for mitigation
• Perform penetration testing, analyze results, and provide detailed and executive reports with the results and options for mitigation
• Work with the various Technical Authority teams to respond & resolve security incidents effectively and quickly
• Coordinate, when necessary, with legal team and / or external security agencies (including the Customer s security team) for in-depth investigation
• Provide Root Cause Analysis for security incidents, and outages / impairments related to security tools
• Research new and emerging threats to gain insight into the evolving threat landscape, and share knowledge with the team
• Support anti-malware / anti-virus, HID, DLP, disk encryption, and file / data integrity tools
• Identify, recommend, and support data encryption methods and technologies based on data classification (e.g. data encrypted at rest / in transit)
• Drive continuous process improvements by providing inputs on the current processes and possible improvement opportunities
• Perform periodic reporting and when applicable, presenting to management and/or the Customer s security team
• Assist in the security solutions design process as needed

Technical/Soft Skills:General competencies:

• 4 to 7 years experience with at least 4 years in IT and 2 years in Security
• The ability to provide support after normal business hours
• The ability to work constructively under pressure
• Ability to work both in a team as well as individually
• Participate in the out-of-hours on call rotation, providing technical support to the business for major and critical incidents
• Knowledge sharing and collaboration skills
• Customer oriented, Service minded
• Deliver results and meet customer expectations
• Excellent communication skills; English is a must

Technical competencies:Strong knowledge of information security

• Working knowledge of SIEM tools (such as McAfee ESM, QRadar, ArcSight, Splunk, etc.), scanning tools (Nessus, Qualys, IBM AppScan, etc.) and PAM tools (BeyondTrust, CyberArk, etc.)
• Knowledge of both Linux-based and MS Windows-based system platforms with a strong technical understanding and aptitude for analytical problem-solving
• Strong understanding of enterprise, network, system and application level security issues
• Understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks also with available security control (technical & process control) for respective layers
• Understanding of the system hardening processes, tools, guidelines and benchmarks
• Fundamental understanding of encryption technologies

Academics and CertificationsEducation: Academic degree

• CISSP, CISM, CEH, OSCP, Security+, CCNA Security, and ITIL certifications will be an advantage

,

Keyskills :
reporting mis sla accounts rootcauseanalysis europeanworkscouncils securityincidentresponse rootcause humanrights musicmaking dataintegrity diskencryption solutionsdesign technicalsupport accessmanagement nitednations