• IdealStaffs

Junior Security Operations Analyst (REMOTE)

Updated: Jul 4

Client: United Nations

Location: Valencia, Spain or Remote

Position: Consultant

Application Deadline: 18th July 2021


To apply for this position, please send your resume at office@idealstaffs.com and mention the job title that you are applying for.


IdealStaffs Consulting is looking for a Junior Security Operations Analyst to provide information and communication technology (ICT) services (including training) on an inter-organizational basis. The candidate must be flexible, able to work in a highly collaborative environment, prioritize across multiple competing tasks, and be able to complete tasks on time.


Assigned Duties


Under the direct supervision of Lead, Cyber security Operations within the close collaboration with the Information Security Services team members in Clients and Projects to perform the following duties:


  • Participates in a team of Security operations engineers investigating alerts, anomalies, errors, intrusions, malware, etc. to identify the responsible, determine remediation, and recommend security improvements

  • Monitor and investigate alerts using Microsoft Security Tools (e.g. M365, Cloud App Security, Azure, Defender for Endpoints, Azure Security, Azure Sentinel and XDR

  • Monitor and triage AWS security events and detections

  • Monitor and investigate alerts leveraging EDR solutions

  • Review security events that are populated in a Security Information and Event Management (SIEM) system

  • Analyse a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident

  • Follows precise analytical paths to determine the nature and extent of problems being reported by tools, e-mails, alerts, etc.

  • Run vulnerability scans and reviews vulnerability assessment reports.

  • Manages and configures security monitoring tools

  • Open tickets and assigning them to Tier II or other Security Operation teams after eliminating false positives;

  • Responsible for working in a 24x7 Security Operation Centre (SOC) environment;

  • Integrate and share information with other analysts and other teams

  • Determines remediation and recovery efforts.

  • Other duties as assigned


Knowledge and Skills

Essential:

  • Knowledge of Transmission Control Protocol / Internet Protocol (TCP/IP) protocols

  • Deep knowledge of with Microsoft Security Tools (e.g. M365, Cloud App Security, Azure, Defender for Endpoints, Azure Security, Azure Sentinel and XDR

  • Deep Knowledge of Cloud technologies (e.g. Azure, AWS and GCP)

  • Proven knowledge of monitoring AWS environment (Iaas,Saas, Paas)

  • Deep knowledge of SIEM tools like Splunk, QRadar, ArcSight, Azure Sentinel, ELK Stack

  • Knowledge of at least one EDR solution (RedCloak, ATP, Sentinelone, Crowdstrike)

  • Knowledge of email security, network monitoring, and incident response

  • Excellent communication skills

  • Knowledge of Linux/Mac/Windows;

  • Programming skills (Python, Ruby, PHP, C, C#, Java, Perl, and more)


Education

Desirable:

Any one of the following certifications

  • MCSE, CCNA, GCIH, CEH, GCFA or any SANS certification


Experience

Essential:

  • Proven experience with Microsoft Security Tools (e.g. M365, Cloud App Security, Azure, Defender for Endpoints, Azure Security, Azure Sentinel and XDR

  • Proven experience in monitoring AWS environment (Iaas,Saas, Paas)

  • Proven experience supporting and monitoring endpoints with one of the following EDR solutions (ATP, Crowdstrike, RedCloak, Sentinelone)

  • 6 years of relevant experience in administration /support of one of the following services or technologies

  • Active Directory Services

  • Perimeter network infrastructure (IPS/IDS/Firewalls)

  • Operating systems (Windows 2008, Windows 2012, Windows 10, Linux, Apple iOS)

  • Exchange /Domino/Email services

  • Active Directory Federation Services

  • Endpoint protection tools

  • SIEM/log management solutions

  • Two years’ experience providing analysis and trending of security log data from a large number of heterogeneous security devices

  • Extensive Windows, Linux, Database, Application, Web server, etc. log analysis

  • Experience in vulnerability management and security incident response activities.

  • Experience on an Incident Response team performing Tier I/II initial incident triage.



133 views0 comments

Recent Posts

See All