CISOC Analyst

We are looking for a CISOC Analyst to join one of the teams that Between has implanted in one of our main clients in the pharma sector.

You will work collaboratively to detect and respond to information security incidents, maintaining and following procedures for security event alerting and participating in security investigations.

Main duties:

1. Perform triage, investigation and hunting activities to identify and validate potential security incidents through:
-SIEM alert analysis and hunting activities:
     o It's expected to actively work with SIEM solutions to perform:
        - Analysis of security alerts escalated from first level operation team
        - Hunting activities over stored logs searching for anomalous patterns and behaviors.
- Traffic capture analysis:
      o It expected solid understanding of common protocols and main protocol headers to perform packet capture analysis.
- Payload analysis:
      o It's expected solid understanding of most common web attacks and capability to difference between actual attacks and false positives through payload analysis:
     o Common web attacks to know:
        - SQL Injection
        - Cross Site Scripting
        - Cross Site Request Forgery  
        - Local / Remote File Inclusion
        - Basic understanding of buffer overflow
        - Brute Force attacks
2. Perform Open Source Intelligence investigations regarding potential security incidents, vulnerabilities and threats.
3. Apply countermeasures on security layers for security incident containment
     o It's expected to perform some platform management activities to adapt security policies to detect and block malicious or suspicious traffics to avoid further damage.
4. Analyze vulnerability scanner reports and report filtered information to technical teams for remediation
     o It's expected capability to understand technical description of well-known vulnerabilities in common OS and applications.
5. Record activities in ticketing system
6. Generate security and activity regular reports
7. Manage small to medium sized projects, or play a key role within a large project team regarding security environment.

Además, trabajando para BETWEEN obtendrás los siguientes beneficios añadidos:

• Posibilidad de formar parte de una empresa en pleno crecimiento a nivel nacional e internacional. Un buen lugar donde trabajar: cuidamos de nuestro equipo y la sociedad a través de iniciativas, programas de conciliación y de responsabilidad social corporativa

• Te integrarás en un equipo de alto rendimiento y con un alto grado de especialización.

• Dispondrás de oportunidades de formación y desarrollo profesional

• Pondremos a tu disposición un amplio abanico de retos y proyectos acordes con tus objetivos personales y profesionales.

• Posibilidad de elegir cómo obtener parte de tu salario gracias a las ventajas fiscales de nuestra Retribución Flexible, y descuentos para acceder a centros de fitness, entre otros

• En BETWEEN,  la igualdad de oportunidades es uno de nuestros valores. Nuestro compromiso es contratar al mejor talentos independientemente de su raza, religión, sexo, edad y personas con otras capacidades y promover su desarrollo profesional y personal.