Cyber Security Operations Expert (DC-0018)
Cyber Security Operation Expert is the primary defense component when a Security incident is confirmed with overall responsibility for defining and executing the Incident Response lifecycle and remediation activities as a part of Incident Handling.
The role of our new colleague is to integrate the SIEM with critical business functions, to perform SIEM administration and analytics (design and implementation of uses cases plus maintenance); to conduct technical analysis to determine impact, scope, and recovery options from actual or potential cyber incidents;to employ digital forensics tools and techniques where required to support Cyber Incident Response activities.
The candidate will document the results of threat analysis and any subsequent remediation and recovery in a consistent manner; will present the incident report to involved parties and will write and distribute Lessons Learned technical articles for knowledge sharing.
The Cyber Security Operation Expert will have engineering responsibilities: to define and implement advanced solutions that answer to security and cyber-security threats; to extend Security Operations Center activity to areas not yet covered.
- Integrate,administrate, maintain and develop the SIEM platform
- Perform Cyber Security Incident Response life cycle (preparation; detection andan alysis, containment, eradication and recovery; post-incident activity)
- Prepare reports on the identified treats or incidents together with the associated recommendations;performs the follow-up to implement the recommendations
- Assesses Cyber Security risks and analyze potential mitigation strategies to reduce the exposure (Use Cases, Scenarios)
- Detailed analyses of various security event sources (FW, IDS, PROXY, AD etc.) Acts as the interface with other IT/Network and business departments regarding Cyber Security incidents
- Perform on call activity
- Provide support to L1 analysts inside Security Operations Center
- Carries out studies and research on intrusion detection methods
- Participate in the implementation and improvement of the specific tolls associated to Security Operations Center ecosystem
- Investigates, proposes and develops automated methods for detection and malware analysis
- Participate in the implementation and development of specific business security models, acting as a security adviser.
- Defines preventive actions and needed operations, as a leader of security improvements activities
- Keeping up to date with industry trends and technology
- Performs and presents security audits, specific IT penetration tests, vulnerabilities exploitation
The candidate should possess deep knowledge in:
- OS Linux
- Integrated security architectures, technologies and security methods
- Malware analysis, vast experience with cyber security threats
- Vast experience with security high end technologies
- Experienced with analysis and incident response
- SIEM operations and administration
- Penetration tests, Ethical hacking
- Automation skills and automating tasks
- Professional team player, passionate about security
- Security qualifications and certifications will be highly appreciated
Sponsors & Partners
They help us make this conference possible.
At Orange Business Services, we help our customers transform their industries, reimagine their services, create a positive impact and unleash the power of their data into an amazing and trusted resource.
With the dual expertise as a global operator coupled with the agility of an end-to-end integrator, Orange Business Services is a global network-native, digital services company. From connectivity, smart mobility services and the cloud to artificial intelligence (AI), analytics and cybersecurity, Orange Business Services helps businesses at every stage of their data management. Orange Business Services is represented in Romania by the business division of Orange Romania and helps large companies, SMEs and public authorities to transform their organizations through the use of technology and digital information.