Kaspersky is looking for a SOC Analyst in Italy who will be part of the SOC team engaged in continuous security monitoring, incident response and cyber threat hunting.
The SOC analyst is a part of the SOC team, engaged in continuous security monitoring, lightweight incident response and cyber threat hunting. This position is the first tier of the monitoring team.
What You Will Be Doing:
- Analyze security events from endpoints (Windows, Mac, Linux), Network IDS, Web-proxies, Mail-gateways, Active Directory infrastructure
- Detect and investigate information security incidents
- Propose incident response actions and a remediation plan
- Identify potential attack vectors and develop methods of detecting these attacks with the existing technological solutions
- Adjust detection logic to fit customer needs (filter out false positives, customize correlation rules, etc.)
- Communicate with customers regarding detected incidents and suspicious activities
What You Should Have/Know:
- Fluency in English is mandatory
- Practical experience in identifying and investigating information security incidents, and in developing recommendations to prevent similar incidents in the future
- Understanding of the methods, tools and processes to respond to information security incidents
- Experience in network traffic and log-files analysis from various sources
- Knowledge of current threats, vulnerabilities, typical attacks on information systems and the tools used to carry them out, as well as methods for detecting and responding to them
- Knowledge of network protocols, the architectures of modern operating systems and information security technologies
It would be even better if you have/know:
- Experience working with the ELK stack is welcome
- Certifications (Offensive Security, GIAC) are welcome
https://career18.sapsf.com/sfcareer/jobreqcareer?jobId=15476&company=KL