Analyst – Cybersecurity, 100% remote.
Our cybersecurity team Cipher (Prosegur Group Cybersecurity Company) is launching a project based on the quality of the security of assets, information systems, processes and, of course, people.
Cipher represents the ambition to lead the cybersecurity industry.
A more specialized and recognized brand in cybersecurity
With 18 years of experience in the market
With global presence, including the United States.
A team of professionals with the highest certifications in the industry
An important portfolio of security solutions with global leadership in Managed Cybersecurity Services
Greater investment in R&D.
We are looking for an Expert/Analyst in cybersecurity
Model and create use cases
Maintain the state of use cases
Manage global alerts from customers.
Analyze alerts to ensure their reliability.
Ensure the integrity of the consolidated information.
Investigate sequences of occurrences.
Complete and improve information on portal.
Generate and maintain response playbooks, procedures and what to do.
Enable the global context of security at the customer.
Interlocution with CSM Analyst and Integrator.
Exchange of information with the customer. Use cases in production.
Daily sessions with team. Weekly with client.
Evaluation of global rules, use cases and behavior for improvement.
Deployment of infrastructures and supervision of analyst activity.
Mitre Defend frameworks. Experience in working methodology with TTPs.
Phases of an attack (Cyber Kill Chain).
OSINT, GEOINT, HUMINT, MASINT and SIGINT tools (intelligence gathering tools). Management of solutions focused on Deep Dark Web, underground forums, non-indexed engines, etc. (Intel).
Deep knowledge of hunting methodologies and evidence analysis.
Experience in SIEM and EDR search engine research (Elastic, QRadar, Cytomic, CrowdStrike, Cybereason, Defender).
Experience in searching with EQL- and EKL-type languages.
Experience in managing and configuring alerts in event monitoring systems. CSIRT L1 or L2.
Experience in creating, managing and deploying use cases, alert thresholds, correlation rules, simple rules, etc.
Experience in event parsing and normalization.
Knowledge of system defense and attack; knowledge of offensive security. Adversary simulation and attack ontology.
Knowledge of network protocols (OSI layer) and experience with perimeter security equipment such as firewalls (IDS/IPS), WAF, etc.
Experience of operating systems and communications.
OSCP, CompTIA Security+, CEH, CCH, Incident Handling certifications desirable.
6+ years working on these tasks and previous experience in security management, administration or operation.
Speak and understand conversations in English
What do we offer?
Competitive salary based on your expectations and experience
Well defined career paths
100% remote work
If you have interest in our offer you can apply or you can contact me directly.
Cybersecurity, SIEM, EDR, Elastic, QRadar, Cytomic, CrowdStrike, Cybereason, Defender