POSITION

Infosec Security Analyst at Secureworks (DC-0006)

Secureworks (SCWX-NASDAQ) is a global leader in intelligence-driven information security solutions. Consistently recognized by industry analysts and readers’ polls, we are one of the best in the world at understanding and anticipating threat behavior. Join a talented, dedicated, and diverse team of security researchers, analysts, engineers, and consultants who are focused 100% on protecting our clients from cyber threats. We seek out the brightest minds and empower our teams with the tools and support they need to fight the bad guys, and maintain our company’s leadership in the cyber security industry.

As a proud part of the Dell Technologies family, we enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.

Role Overview

Be a part of an exciting and growing team that deals with information security attacks and incident response situations on a daily basis! As a key member of the team, you will work with our high visibility clients and receive complex alerts and respond to activity within the clients’ environment detected by using Secureworks Managed Security Services and tools. You will be responsible for investigating high alerts, determining the source of the threat, the extent to which client assets have been compromised, making recommendations and implementing remediation.

Key Responsibilities

  • This role will function as a SOC Analyst. You will receive alerts/events/tickets detected by Dell SecureWorks Managed Security Services and respond by performing different activities within the client’s environment
  • In this position you will be responsible for investigating high alerts, determining the source of the threat, the extent to which client assets have been compromised, making recommendations for remediation, and assisting in the implementation.
  • Perform analysis of security events from multiple sources including but not limited to events from SIEM tools (Splunk, CTP, ArchSight), network and host based IDS, firewall logs, system logs (Unix & Windows), mainframes, mid-range, applications and databases.
  • Collaborate with Line of Business technical teams for resolution and mitigation of detected issues.
  • Document the actions taken for audit, regulatory and legal purposes within approved event tracking system.
  • Routinely interact with vulnerability and threat management teams and incorporate feedback into information security applications
  • Supervise different incident response actions with internal and external teams while owning the responsibility for the incident/event until complete closure

Essential Requirements

  • 1-5 years’ experience in IT&C
  • Previous experience in raw log files review, data correlation, and analysis (i.e. firewalls logs, network flows, intrusion detection systems, system logs)
  • Good understanding of Information Security concepts (malware, emerging threats, attacks, and vulnerability management)
  • Previous experience in elaborating and maintaining procedures, documentations, workflows and runbooks
  • Previous customer support experience including the resolution of customer escalations, incident handling and reporting

Nice to have:

  • Industry related certifications: Cisco, Juniper, CompTIA, ITIL, Unix, Microsoft, Oracle, AWS
  • Previous experience in adjacent areas such as: Security Operations Center, Network Operations Center, System Administrator, Platform/Tool Support Engineer, IT Helpdesk support
  • Previous experience with Splunk or ELK Stack

Benefits

Our people are the most critical component of our long-term success and their health and wellbeing are our priority. You will enjoy a comprehensive, locally competitive benefits package (including company funded certifications). We are in a large, modern, open plan space conveniently located in AFI Business Park 4&5, near AFI Palace Cotroceni Mall

Sponsors & Partners

They help us make this conference possible.

POWERED BY

Orange „brings you closer to what matters to you”.

This is our brand promise: to bring our clients closer to what’s essential to them and to keep them always connected and in touch with the latest technologies, by offering them the best and safest communication experience.

WWW.ORANGE.RO

PLATINUM PARTNERS

Ixia provides testing, visibility, security solutions, network testing tools and virtual network security solutions to strengthen applications across physical and virtual networks.

WWW.IXIACOM.COM

Secureworks provides threat intelligence-driven security solutions for organizations to prevent, detect, rapidly respond and predict cyberattacks.

WWW.SECUREWORKS.COM

GOLD PARTNERS
SILVER PARTNERS
GAMING PARTNER
VIP & SPEAKERS LOUNGE PARTNER
BRONZE PARTNERS
COMMUNITY & MEDIA PARTNERS