POSITION

Cyber Security Operations Expert (DC-0018)

Cyber Security Operation Expert is the primary defense component when a Security incident is confirmed with overall responsibility for defining and executing the Incident Response lifecycle and remediation activities as a part of Incident Handling.

The role of our new colleague is to integrate the SIEM with critical business functions, to perform SIEM administration and analytics (design and implementation of uses cases plus maintenance); to conduct technical analysis to determine impact, scope, and recovery options from actual or potential cyber incidents;to employ digital forensics tools and techniques where required to support Cyber Incident Response activities.

The candidate will document the results of threat analysis and any subsequent remediation and recovery in a consistent manner; will present the incident report to involved parties and will write and distribute Lessons Learned technical articles for knowledge sharing.

The Cyber Security Operation Expert will have engineering responsibilities: to define and implement advanced solutions that answer to security and cyber-security threats; to extend Security Operations Center activity to areas not yet covered.

Responsibilities

  • Integrate,administrate, maintain and develop the SIEM platform
  • Perform Cyber Security Incident Response life cycle (preparation; detection andan alysis, containment, eradication and recovery; post-incident activity)
  • Prepare reports on the identified treats or incidents together with the associated recommendations;performs the follow-up to implement the recommendations
  • Assesses Cyber Security risks and analyze potential mitigation strategies to reduce the exposure (Use Cases, Scenarios)
  • Detailed analyses of various security event sources (FW, IDS, PROXY, AD etc.) Acts as the interface with other IT/Network and business departments regarding Cyber Security incidents
  • Perform on call activity
  • Provide support to L1 analysts inside Security Operations Center
  • Carries out studies and research on intrusion detection methods
  • Participate in the implementation and improvement of the specific tolls associated to Security Operations Center ecosystem
  • Investigates, proposes and develops automated methods for detection and malware analysis
  • Participate in the implementation and development of specific business security models, acting as a security adviser.
  • Defines preventive actions and needed operations, as a leader of security improvements activities
  • Keeping up to date with industry trends and technology
  • Performs and presents security audits, specific IT penetration tests, vulnerabilities exploitation

Requirements

The candidate should possess deep knowledge in:

    • OS Linux
    • Integrated security architectures, technologies and security methods
    • Malware analysis, vast experience with cyber security threats
    • Vast experience with security high end technologies
    • Experienced with analysis and incident response
    • SIEM operations and administration
    • Penetration tests, Ethical hacking
    • Scripting and programming skills (e.g. python, ruby, JavaScript, C/C++, php)
    • Automation skills and automating tasks
    • Professional team player, passionate about security
    • Security qualifications and certifications will be highly appreciated

    Sponsors & Partners

    They help us make this conference possible.

    POWERED BY

    Orange „brings you closer to what matters to you”.

    This is our brand promise: to bring our clients closer to what’s essential to them and to keep them always connected and in touch with the latest technologies, by offering them the best and safest communication experience.

    WWW.ORANGE.RO

    PLATINUM PARTNERS

    Ixia provides testing, visibility, security solutions, network testing tools and virtual network security solutions to strengthen applications across physical and virtual networks.

    WWW.IXIACOM.COM

    Secureworks provides threat intelligence-driven security solutions for organizations to prevent, detect, rapidly respond and predict cyberattacks.

    WWW.SECUREWORKS.COM

    GOLD PARTNERS
    SILVER PARTNERS
    GAMING PARTNER
    VIP & SPEAKERS LOUNGE PARTNER
    BRONZE PARTNERS
    COMMUNITY & MEDIA PARTNERS