[MT-803] Senior Security Analyst

Endava

  • San Vicente, Antioquia
  • Permanent
  • Full time
  • 14 hours ago
**Responsibilities**:
- Detect and respond to malicious behavior on cloud systems, SaaS, workstations, servers, and networks
- Review and respond to escalated security events
- Proactively hunt threats within our environment
- Write detection signatures, tune systems / tools, develop automation scripts and correlation rules
- Maintain knowledge of adversary tactics, techniques, and procedures (TTP)
- Conduct forensic analysis on systems and engage third-party resources as required
- Provide timely and relevant updates to appropriate stakeholders and decision makers

**Qualifications and Experience**:
- 2+ years of relevant security experience
- Bachelor’s in Computer Science, Information Security, Business, Management, Information Technology, or related field
- Hands-on experience in the detection, response, mitigation, and/or reporting of cyberthreats affecting networks, computer intrusion detection, analysis, and incident response
- Experience in forensics, malware analysis, threat intelligence
- Ability to understand, modify and create threat detection rules within a SIEM (Splunk, Sentinel, IBM QRadar)
- Knowledge and experience with Windows, Linux operating systems, Networks, and Cloud Technologies
- Experience using Python, Perl, PowerShell, or an equivalent language
- Experience with network forensics and associated toolsets and analysis techniques
- Experience with host-based detection and prevention suites (CrowdStrike, Palo Alto, Splunk, Microsoft SCEP, Carbon Black Response, OSSEC, Microsoft Defender, Microsoft Azure Security Center, Azure Sentinel, etc.)
- The ability to reverse engineer malware is a plus
- Understanding of log collection and aggregation techniques, Elasticsearch, Logstash, Kibana (ELK), Syslog-NG, Windows Event Forwarding (WEF), etc.
- Ability to correlate data from multiple data sources to create a more accurate picture of cyberthreats and vulnerabilities
- Certifications including but not limited to: Azure Security Engineer, CEH (Certified Ethical Hacker), CompTIA Security+, CISSP, BTL1, BTL2, CASP, CySA
- Experience working with cloud technologies (AWS, Azure, SaaS, etc.)

Kit Empleo