Security Analyst

Note that the application deadline has passed.



About the role
The Group Security team is embarking on a mission of rapid maturity and requires a highly motivated and talented information security specialist to help guide us on this journey.
The Group Security team operates out of Stockholm and is responsible for securing the Kindred Group and its assets. We are searching for that certain someone who is not satisfied with just knowing common standards and frameworks, but instead likes to understand vulnerabilities and their exploitability, how to think like the adversary, and most importantly how to defend against them. You will have a real personal passion for security (across a broad range of domains) and technology, and an insatiable drive to develop further as a security expert (both technically and generally).
Whilst the role is within the security operations line, there is ample opportunity to work across the broader Group Security team and assist the Cyber Security line (Red Team) with their initiatives (e.g. penetration testing, DevOps security, etc.).
What you will be doing
Triage and respond to information security incidents reported via SIEM, ticketing system, email, etc.
Perform root cause analysis, document findings and collaborate with technology/process owners to prevent future occurrences.
Research, analyze and understand log sources originating from security and networking devices such as firewalls, routers, proxy, anti-virus products, and operating systems.
Automate manual processes via scripting and utilization of various tools and platforms.
Perform raw data review in an effort to identify malicious activity for which signatures/content do not exist.
Assist with the development of new content and tuning/filtering of existing content for SIEM, IDS/IPS, and other security technologies.
Assist management in ensuring the team is executing on core responsibilities such as working incidents through to completion, ticket queue maintenance, documentation, training requirements, etc.
Work with management to define and update standard operating procedures and response plans.
Support efforts of stakeholders during all phases of the Incident Response process.
Serve as a primary escalation point for security incidents.
Manage or contribute to projects that directly correspond to the maturity and/or capabilities of the Security Operations team.
Assist with the development and execution of the vulnerability management programme and correlation

What have you done?
Advanced knowledge of computer networking: TCP/IP, routing and protocols.
Advanced knowledge of packet structure and previous experience performing in-depth packet analysis.
Advanced knowledge of Incident Response methodologies and information security best practices/technologies
Advanced knowledge regarding the administration, use, securing and exploitation of common operating systems
Minimum of 3 years' experience utilising HIDS/NIDS, SIEM, anti-virus, web-proxy, packet capture tools, host based analysis technologies in a security analyst capacity
Minimum of 3 years' experience analyzing log sources originating from security and networking devices such as firewalls, routers, proxy, anti-virus products, and operating systems required.
Proficiency in log parsing and data analysis (REGEX is a must)
Proficiency in Python 3 or other scripting language
Demonstrate knowledge of indicators of compromise (IOC) and Advanced Persistent Threat (APT) as it applies to event/incident/offense analysis
Research and analytical background and an analytical approach; especially with respect to event classification, event correlation, and root cause analysis.
Able to perform true and false positive event (or offense) analysis with a high degree of accuracy
Must exhibit an aptitude for thoroughly researching issues to determine a root cause
Must exhibit the ability to take threat intelligence and correlate it within the context of event/incident/offense analysis
Familiarity with a standardised incident response framework, and ability to further develop the IRP and triage procedures within the SOC
Highly desirable: experience with building and maintaining effective vulnerability management programme using industry standard technologies
Highly desirable: experience with the TheHive Incident Response Platform and associated technology, or with threat intelligence feeds and platforms (e.g. MISP, YARA, VirusTotal, abuse finder, etc.)
Highly desirable: experience with cloud platforms like AWS, GCP or Azure
Highly desirable: experience with O365


Education / Qualifications/ Professional Certificates

Desirable: Relevant university degree, GNFA, GCFE, GPEN, GREM, OSCP or other technical certification, Certification for security operations technology e.g. SIEM, vulnerability management, HIDS/NIDS solutions, ...

Publication date
2019-08-09

How to apply
Last day to apply is 2019-12-31

Address
Kindred People AB
Rådmansgatan 40
11357 STOCKHOLM

Scope
This is a full-time position.

Employer
Kindred People AB (org.nr 556594-1621)
Rådmansgatan 40
113 57  STOCKHOLM

Job number
4890761
