Security Monitoring Response Analyst
- USG Professionals
- Permanent, Full-time
Are you looking for an employer who will steer your ICT skills in the right direction? Are you eager to let your drive and ambition bear fruit in challenging projects? That is what we offer you at USG ICT, because we make the most of your knowledge and skills. Your mission: to carry out a variety of assignments and so strengthen our customers' results. Freelancers are also welcome!
We are looking for a Security Monitoring & Response Analyst to perform security monitoring, incident response, digital forensics and threat hunting activities.
Your future job:
You will carry the following responsibilities:
Security Monitoring
- Monitor SIEM, EDR, Data Analytics Platforms and DLP solutions for alerts triggered by pre-defined detection use cases;
- Investigate and qualify those alerts for further handling;
- Provide feedback to engineering team for fine-tuning of detection use cases;
- Develop runbooks for handling of security monitoring alerts.
Incident Response & Digital Forensics
- Drive the handling of security incidents by defining and assigning response actions to IT personnel and following-up on their execution;
- For severe incidents, steer and coordinate an ad hoc incident response team to contain, mitigate, eradicate and restore;
- Perform digital forensics on a wide range of assets, but particularly on Windows systems;
- Develop reaction plans for handling of security incidents.
Threat Hunting
- Retroactively hunt for potential compromises and other security issues, based on new threat intelligence gathered by our Threat Analysts.
Threat Collection and Analysis
- Routinely collect the cyber threat intelligence information using Group CTI platform.
- Execute threat analysis: identify impacted assets, develop threat scenarios, define a 'kill chain', i.e. a step-by-step analysis of the attack, and prioritize threats.
- Identify existing or missing counter-measures (controls and reaction plans), i.e. map the threat to the bank's specifics: enterprise architecture, vulnerability status, latest incidents.
- Operate and populate a threat knowledge management tool.
- Generate reports and share within the relevant parties in the bank.
Your profile:
- At least 3 years of experience in information security, preferably 5 years.
- Strong knowledge of IT security technology and processes (secure networking, web infrastructure, system security, security control point management, etc.);
- Experience with security incident management as a SPOC in a SOC or CSIRT environment, coordinating incidents towards technical and management teams
- Experience with reviewing alerts to determine relevancy and urgency by correlating different events and sources
- Experience with advanced detection and mitigation of phishing attacks
- Knowledge of digital forensics practices for Windows systems
- Experience managing incidents via ticketing systems such as HPSM and ServiceNow
- Ability to clearly write documentation, procedures and knowledgebase articles
- Hands-on malware analysis skills
- Experience with Use Case Development and Runbook creation
- Familiar with networking concepts, configuration and components
Nice to have:
- Comfortable working in Windows and Linux based systems
- Knowledge of various IDS/IPS such as Cisco Sourcefire and Palo Alto
- Knowledge of log aggregation, SIEM solutions and Data Analytics Platforms such as Splunk, ArcSight and ELK
- Experience working with EDR solutions like Tanium and McAfee
- Experience with DDoS mitigation services such as Akamai, and with F5 WAF-based application protection
- Practical experience with Threat Hunting
- Basic knowledge of Threat Modelling
- Know how to interpret and analyse Threat Intelligence information and make it actionable via a CTI platform
- Experience with DLP solutions like Symantec DLP
- Knowledgeable about SOAR and automation techniques with Demisto / Cortex XSOAR
- Basic Reverse Engineering skills
- Adhere to processes and procedures
- Able to work rotating shifts with on-call duties (24x7)
- Can step up, take the lead and stand ground when needed
- Strong team player
- Self-starter, pro-active attitude
- Good verbal and written communication skills at different levels (to a group, towards technical people, end users, management)
- Good analytical skills
- Take ownership and be accountable for everything you do
- Finish what you start
- Autonomy, commitment and perseverance
- Outstanding ability to work under stress in emergency situations
- Attention to detail while seeing the bigger picture
- Ability to learn on-the-job and perform knowledge sharing
- Solid sense of integrity and identification with the mission
- Desire for continuous improvement of the Cyber Defence capabilities
Talent must be pampered. That is why we not only offer you a permanent contract in exchange for your knowledge and commitment. We also act as your career planner and look for the best opportunities, training and growth paths for you. In addition to your competitive salary, you will receive many fringe benefits (daily allowance, group and hospitalization insurance, company car, ...). Are you a freelancer? You are of course also eligible and will receive a competitive rate.
- Professional bachelor (Higher Education Short Type)
- At least 2 years experience
- 14 May