Cyber Security Operations Analyst

Valencia, Spain
Decskill is a 100% Portuguese technology company, founded in 2014, and we currently have more than 200 employees. Decskill operates in both national and international markets, with offices in Lisbon, Oporto and A Coruña, and is able to provide services to any location in the national territory.

How can Decskill be an accelerator to your career?
We currently operate in 3 major areas: outsourcing by DECSKILL; augmented reality and computer vision products and solutions, by PROSKILL; and Agile training and coaching, by GETSKILL.
The success of Decskill is built from the inside out, with talented employees and constant evolution, with innovative aspirations and a commitment to make a difference.
We are looking for a Cyber Security Operations Analyst for a project based in Valencia or in nearshore mode.

Tasks and Responsibilities:
  • Participates in a team of security operations engineers investigating alerts, anomalies, errors, intrusions, malware, etc. to identify who is responsible, determine remediation, and recommend security improvements
  • Review security events that are populated in a Security Information and Event Management (SIEM) system
  • Analyze a variety of network and host-based security appliance logs (firewalls, NIDS, HIDS, syslogs, etc.) to determine the correct remediation actions and escalation paths for each incident
  • Follows precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, alerts, etc.
  • Document all activities during an incident and provide leadership with status updates during the life cycle of the incident
  • Runs vulnerability scans and reviews vulnerability assessment reports. Manages and configures security monitoring tools
  • Reporting
  • Client-facing security meetings
  • Open tickets and assign them to relevant teams after eliminating false positives
  • Responsible for working in a 24x7 Security Operation Centre (SOC) environment
  • Integrate and share information with other analysts and other teams
  • Other duties as assigned
Required Technical Skills:

The resource MUST have the following skills and experience:
  • Knowledge of Transmission Control Protocol / Internet Protocol (TCP/IP) protocols
  • SIEM tools like Splunk, QRadar, ArcSight, NetWitness. Developing queries, data models and dashboards
  • Knowledge of email security, network monitoring, and incident response
  • Excellent communication skills
  • Knowledge of Linux/Mac/Windows
  • Programming skills (Python, Ruby, PHP, C, C#, Java, Perl, and more)
The professional SHOULD have the following skills and experience:
  • Implemented security controls in line with CIS benchmarks, NIST guidelines or other best practices
  • Moderate knowledge of security-related technologies and their functions (IDS, IPS, EDR, IRP, FW, WAF, SIEM, etc.)
Desirable certifications:
  • MCSE, CCNA, GCIH, CEH, GCFA or any SANS certification or equivalent certificate
If you’re interested in this job, please send your CV in English.
Thank you!
