Do you know where to find the team and the treatment you deserve, working on projects that stimulate you? You can find good projects in many places, but at BETWEEN Technology you will also get the humane treatment you have always missed. Join our team!
We are looking for a CISOC Analyst to join one of the teams that Between has established at one of our main clients in the pharma sector.
You will work collaboratively to detect and respond to information security incidents, maintaining and following procedures for security event alerting and participating in security investigations.
Main duties:
1. Perform triage, investigation and hunting activities to identify and validate potential security incidents through:
   - SIEM alert analysis and hunting activities. You are expected to actively work with SIEM solutions to perform:
     - Analysis of security alerts escalated from the first-level operations team
     - Hunting activities over stored logs, searching for anomalous patterns and behaviours
   - Traffic capture analysis. A solid understanding of common protocols and their main protocol headers is expected in order to perform packet capture analysis.
   - Payload analysis. A solid understanding of the most common web attacks, and the ability to distinguish actual attacks from false positives through payload analysis, is expected. Common web attacks to know:
     - SQL Injection
     - Cross-Site Scripting
     - Cross-Site Request Forgery
     - Local / Remote File Inclusion
     - Basic understanding of buffer overflows
     - Brute-force attacks
2. Perform Open Source Intelligence investigations regarding potential security incidents, vulnerabilities and threats.
3. Apply countermeasures on the security layers to contain security incidents. You are expected to perform some platform management activities, adapting security policies to detect and block malicious or suspicious traffic and prevent further damage.
4. Analyze vulnerability scanner reports and pass the filtered findings to technical teams for remediation. You are expected to be able to understand the technical descriptions of well-known vulnerabilities in common operating systems and applications.
5. Record activities in the ticketing system.
6. Generate regular security and activity reports.
7. Manage small to medium-sized projects, or play a key role within a large project team, in the security environment.
In addition, working for BETWEEN you will get the following added benefits:
Required Professional Experience:
Required knowledge: