Infosec Security Analyst at Secureworks (DC-0006)
Secureworks (SCWX-NASDAQ) is a global leader in intelligence-driven information security solutions. Consistently recognized by industry analysts and readers’ polls, we are one of the best in the world at understanding and anticipating threat behavior. Join a talented, dedicated, and diverse team of security researchers, analysts, engineers, and consultants who are focused 100% on protecting our clients from cyber threats. We seek out the brightest minds and empower our teams with the tools and support they need to fight the bad guys, and maintain our company’s leadership in the cyber security industry.
As a proud part of the Dell Technologies family, we enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.
Be a part of an exciting and growing team that deals with information security attacks and incident response situations on a daily basis! As a key member of the team, you will work with our high visibility clients and receive complex alerts and respond to activity within the clients’ environment detected by using Secureworks Managed Security Services and tools. You will be responsible for investigating high alerts, determining the source of the threat, the extent to which client assets have been compromised, making recommendations and implementing remediation.
- This role will function as a SOC Analyst. You will receive alerts/events/tickets detected by Dell SecureWorks Managed Security Services and respond by performing different activities within the client’s environment
- In this position you will be responsible for investigating high alerts, determining the source of the threat, the extent to which client assets have been compromised, making recommendations for remediation, and assisting in the implementation.
- Perform analysis of security events from multiple sources including but not limited to events from SIEM tools (Splunk, CTP, ArchSight), network and host based IDS, firewall logs, system logs (Unix & Windows), mainframes, mid-range, applications and databases.
- Collaborate with Line of Business technical teams for resolution and mitigation of detected issues.
- Document the actions taken for audit, regulatory and legal purposes within approved event tracking system.
- Routinely interact with vulnerability and threat management teams and incorporate feedback into information security applications
- Supervise different incident response actions with internal and external teams while owning the responsibility for the incident/event until complete closure
- 1-5 years’ experience in IT&C
- Previous experience in raw log files review, data correlation, and analysis (i.e. firewalls logs, network flows, intrusion detection systems, system logs)
- Good understanding of Information Security concepts (malware, emerging threats, attacks, and vulnerability management)
- Previous experience in elaborating and maintaining procedures, documentations, workflows and runbooks
- Previous customer support experience including the resolution of customer escalations, incident handling and reporting
Nice to have:
- Industry related certifications: Cisco, Juniper, CompTIA, ITIL, Unix, Microsoft, Oracle, AWS
- Previous experience in adjacent areas such as: Security Operations Center, Network Operations Center, System Administrator, Platform/Tool Support Engineer, IT Helpdesk support
- Previous experience with Splunk or ELK Stack
Our people are the most critical component of our long-term success and their health and wellbeing are our priority. You will enjoy a comprehensive, locally competitive benefits package (including company funded certifications). We are in a large, modern, open plan space conveniently located in AFI Business Park 4&5, near AFI Palace Cotroceni Mall
Sponsors & Partners
They help us make this conference possible.
At Orange Business Services, we help our customers transform their industries, reimagine their services, create a positive impact and unleash the power of their data into an amazing and trusted resource.
With the dual expertise as a global operator coupled with the agility of an end-to-end integrator, Orange Business Services is a global network-native, digital services company. From connectivity, smart mobility services and the cloud to artificial intelligence (AI), analytics and cybersecurity, Orange Business Services helps businesses at every stage of their data management. Orange Business Services is represented in Romania by the business division of Orange Romania and helps large companies, SMEs and public authorities to transform their organizations through the use of technology and digital information.