Beschreibung
For a project at our client`s site in Zurich we are looking for anIT Security Consultant (m/w/d)
The ideal candidate will apply the technical know-how to drive the detection and investigation capabilities in different cloud environments. You will work with technology
partners to engineer and operate the security stack, increase the level of automation, and evaluate improvements.
Your profile:
• 5+ years of hands-on experience as a Security Incident Responder and/or Threat Hunter, familiar with Tanium and/or Defender ATP is an asset
• 3+ years of hands-on experience in implementing SIEM detection rules, familiar with QRadar and/or Sentinel is a plus
• 3+ years of hands-on experience in the area of scripting and automation, familiar with Demisto
• • 2+ years of hands-on experience with the Microsoft Cloud Security tools; Azure Sentinel, Defender ATP, Azure ATP, Cloud App Security, Office ATP, Azure Security Center, etc.
• Strong communiaction skills in English, German is beneficial
Your responsibilities:
• Conceptualize, test, and develop threat detection use cases
• Develop SIEM detection rules, capable of correlating data logs of various nature (i.e. host, network traffic, mail data, etc.), as well as the IRP playbooks that will guide the SOC and SIRT analysts through the Incident Response process phases.
• Design, test, and develop integrations and automation logic among the tools in the technology stack (i.e. cloud security products, SIEM, IRP, TIP) to support the investigation activities of SOC and SIRT
• Analyze, triage, investigate, document security incidents, and adequately communicate the results to the stakeholders.
• Conceptualize, test, and develop threat hunting use cases, as well as perform data/attack -based threat hunting.
We look forward to receive your application to or you can call us on if you have any further question.
Due to work permit restrictions, we can only consider applications from EU or Swiss citizens as well as current work-permit holders for Switzerland.