This job is based in Timișoara, Romania, or Jaipur, India.
Monitor for attacks, intrusions and unusual, unauthorized or illegal activity and respond swiftly to all alerts;
Investigate security alerts and provide incident response, keeping track of events through to resolution;
Monitor identity and access management, including monitoring for abuse of permissions by authorized system users;
Research/evaluate emerging cyber security threats and ways to manage them;
Test and evaluate security products;
Keep up to date with the latest security and technology developments;
Use advanced analytic tools to determine emerging threat patterns and vulnerabilities;
Simulate client environments and security breaches in lab settings;
Liaise with stakeholders in relation to cyber security issues and provide future recommendations;
Assist with the creation, maintenance and delivery of cyber security training for colleagues;
Provide feedback on enhancing the current technologies used to detect malicious activities;
Identify opportunities for capability and efficiency improvements.
Requirements
Must-have:
Strong and proven data manipulation skills;
Relevant experience with a SIEM correlating multiple log sources (at least 1 year of working experience);
Strong understanding of network protocols (DNS, IP, TCP and UDP, HTTP/HTTPS, SMTP), network architecture concepts, firewalls, authentication protocols, and other web technologies;
A strong understanding of the cyber security threat landscape, including detailed technical knowledge about the most prevalent vulnerabilities, threats, attack methods, and infection vectors;
Professional work ethic, a very high degree of ownership and accountability;
Ability to learn and keep up to date with cyber threats;
Ability to consume, comprehend, utilize and create indicators of compromise;
Superior problem-solving abilities and strong analytical thinking;
Desire to work in a fast-paced, challenging environment;
Very high attention to detail;
Excellent communication and interpersonal skills;
Excellent English language skills (both written and verbal);
Ability to work independently and handle multiple priorities in a fast-paced environment;
Open to a night-shift or weekend working schedule (once chosen, the shift will not change).
Nice-to-have:
Experience with intrusion detection and incident handling and/or analysis;
Elasticsearch know-how;
Experience with Microsoft 365 (O365) and Active Directory logs;
Scripting with Python;
VBA, Excel Macro programming;
CompTIA Security+, CCNA Security, CCNA courses;
Ability to tune detection tools for accuracy;
Understanding of the MITRE ATT&CK matrix and its TTPs;
Malware Reverse Engineering experience.
Benefits
What we offer:
Rapid professional development in a fast-growing cyber security field;
Flexible work schedule;
Young and sociable team;
High degree of independence through individual employment registration;