We’re in business to save our home planet. Your role will contribute to this mission by monitoring and responding to security events and alerts for triage, resolution and, where necessary, escalation. The role requires a solid foundation in general IT topics, such as working with various operating systems and network topologies, and familiarity with industry-standard security tooling and concepts. This foundation will allow you to troubleshoot and detect anomalies in systems and on the network, and to support the team’s primary responsibility: computer network defense.
• Monitor incoming events and ticket queues for potential information security incidents.
• Provide support in the investigation and reporting of any information security incidents.
• Ensure authorized access by investigating improper access; revoking access; reporting violations; recommending improvements.
• Use available Security Operations Center (SOC) tools for historical analysis of detected events as necessary (e.g., historical searches of NetFlow data, SIEM events, IDS alerts and ticket history).
• Provide analysis and trending of security log data from a large number of heterogeneous security devices.
• Identify opportunities for process and technical improvements.
• Contribute to the company security awareness program.
• Assist in the development and tracking of security metrics for information security events and incidents.
• Review event and scan data to identify, report, and coordinate remedy of vulnerabilities.
• Develop and maintain documentation for security systems, procedures and information security diagrams.
• Stay up-to-date with news and trends in information security including new vulnerabilities, methodologies, and products.
• Work with the compliance team to define the security measures required for regulatory compliance, such as GDPR.
• Member of the global SOC team.
• Act as backup for the other Global SOC team members.
In order to succeed in this role, it is expected that you will have:
• Bachelor's degree in a related field or equivalent demonstrated experience and knowledge.
• Minimum 3 years' experience as a Systems or Network Administrator or equivalent knowledge.
• Strong verbal and written communication skills.
• Strong problem-solving and analytical skills.
• Experience working with firewalls, web proxies, intrusion detection/prevention systems and antivirus systems.
• Knowledge of PCI DSS, data security best practices, and security auditing.
• Experience monitoring cloud-based applications and infrastructure.
• Working knowledge of Systems Administration, Windows, Active Directory, Mac OS X, and Linux.
• Global security operations center experience preferred.
• Working knowledge of scripting languages and tools such as Python, PowerShell, Nessus, Nmap and tcpdump.
• Familiarity with the CIS Critical Security Controls, OWASP Top 10, Cyber Kill Chain, MITRE ATT&CK, and other frameworks.
• Working knowledge of network switches, routers and firewalls.
• Certifications from GIAC, (ISC)² or Cisco are a plus (GISF, GCIA, SSCP and CCNA preferred).
• Ability to work outside normal business hours in case of serious security events.
It is the responsibility of every employee to contribute to a positive work environment through cooperative and professional interactions with co-workers, customers and vendors.
Please make sure that your CV and cover letter are in English.