Tech Stack
Cyber Security, DNS, Open Source, Splunk, TCP/IP
About the role
- Responsible for in-life delivery of 24x7x365 commercial Cyber Security Operations Centre capability to customers under contractual SLAs and KPIs
- Manage complete security incident process for detection, analysis, response and remediation
- Apply immediate escalations for P1 and P2 security incidents and major global incidents per process definition
- Monitor and categorise incidents, identify true and false positives based on production use cases
- Case registration in the ticketing system and initial event investigation with basic triage activities
- Interaction and communication with customers during detection, analysis, response, and remediation
- Ensure quality of response and support elements of investigation and resolution; report potential or actual breaches of protective security compliance
- Maintain control of SLAs defined per customer and ensure compliance
- Follow process and documentation to meet defined quality parameters
- Escalate to security specialists and SOMs as defined per incident type
- Proactively report process improvements or deficiencies
- Maintain and progressively develop skills to manage required systems and tools and deliver service with agility
Requirements
- Minimum of 1 year of experience in security operations, preferably in CySOC teams or equivalent CNOC/NOC roles handling security incidents and investigations
- Fluent in Spanish and English
- Knowledge of Security management, network and information security, people security, and running of one or more services within a Security Operations Centre
- Deep Knowledge of the TCP/IP protocol suite, DHCP, DNS, LAN/WAN, and Operating System concepts
- Knowledge of network security including remote access, DMZ architecture, network monitoring, intrusion detection, and web server security
- Knowledge of security SIEMs and security log management; preferred: QRadar, LogRhythm, Sentinel, McAfee, Splunk
- Familiarity with other SIEMs: ArcSight, FortiSIEM, Syslog
- Demonstrate experience working with commonly used malware sandboxes
- Good understanding of memory forensics, exploits, & attacks
- Good understanding of open source penetration testing tools
- Understanding of cyber threats and how intelligence is used by security appliances and operators
- Understanding of host and network forensic artifacts and indicators of compromise
- Demonstrated knowledge of phishing and fraud based on fraudulent email analysis, and of email management tools: FireEye ETP, Forcepoint, Proofpoint, Cisco Email Security, Symantec Email Security
- Ability to work a scheduled 24x7x365 shift rota
- Awareness and application of compliance with BT policy and CySOC policies
- Customer focus, result-orientation, teamwork, taking ownership, analytical mindset, attention to detail, and ability to think out of the box