IT Analyst (m/f/d) - Essen (AXG-112852)

Essen - On-site
This project is archived and unfortunately no longer active.

Description

With us, Allgeier Experts, you are independent in your job search! Independent of contract type, industry and the classic application process. You also benefit from our extensive client network throughout Germany, and so secure the prospects that truly fit you and your life!

Tasks

* Define and document the Security Incident and Response Playbooks required to support the SIEM implementation, and work closely with the relevant IT stakeholders and Incident Management teams on the rollout and integration
* Define, document and update all processes required to support phase 1 and phase 2 of the SIEM implementation
* Review and assess impact and remediation actions for incidents escalated by SOC Level 1 as part of ongoing use case refinement activities
* Assist with the tuning of the approved use cases and assist in reducing the number of false positives
* Work closely with the IT Security Operations Team Lead and support the IT Security Manager for the SIEM on security incident processes and response plans
* Support the implementation of the new SIEM


Requirements

* Strong experience investigating network threats, with advanced analysis experience across multiple attack vectors such as malware, trojans, exploit kits, ransomware, phishing techniques, APTs, etc.
* Good experience in documenting security incident response playbooks
* Good understanding of Firewalls and Network Security
* Understanding of network protocols
* Good security analysis experience, including incident classification, investigation and remediation
* Strong analytical, troubleshooting and problem-solving skills for security information and event management
* Experience reviewing intrusion detection, intrusion prevention, firewall and other security logs and alerts
* Experience analysing alerts from a SIEM, identifying false positives and determining the appropriate remediation action to take
* Good knowledge of attack vectors, particularly the MITRE ATT&CK framework
* Knowledge of Cloud Services (AWS/Azure)
* Knowledge of Cloud security principles, techniques and technologies
* Ability to resolve problems independently
* Knowledge and experience with Windows, Unix/Linux operating systems
* Experience with Security Information and Event Management (SIEM) tools, e.g. Splunk
* Previous experience working as part of a SOC is a bonus but not essential
* Experience working with MSSPs or Third Party Providers

* Keep up to date with current threat intelligence

Personal Skills

* Excellent written and verbal communication
* Self-motivated and able to work independently
* Strong analytical and problem-solving skills
* Confident in engaging with stakeholders at all levels of the organisation
* Strong interpersonal skills
* Excellent team working capabilities
* Flexible and adaptable to change
* Able to work well under pressure
* Good conflict management skills
* Ability to manage multiple tasks


Required Qualifications:

* CompTIA Security+

Nice to have but not essential:

* CEH
* CISSP


For further information on this and other offers, we are of course available at any time.

To guarantee fast processing, please quote the reference number.

Industry: Energy supplier
Start: 11.2020
Duration: 5 months
From: Allgeier Experts Consulting GmbH
Posted: 24.10.2020
Contact: Susanne Sokolowski
Project ID: 1988300
Contract type: Freelance