Information Security Advisor

Employer: Secureworks
Domain:
  • IT Software
  • Job type: full-time
    Job level: 1 - 5 years of experience
    Location:
  • BUCHAREST
  • Updated at: 19.03.2019

    Secureworks (SCWX-NASDAQ) is a global leader in intelligence-driven information security solutions. We help organizations confidently pursue business goals in a digitally-connected Consistently recognized by industry analysts and readers’ polls, we are one of the best in the world at understanding and anticipating threat behavior. We see 250 billion events every day acrolients in more than 55 countries, and our solutions work across all the layers of a client’s security environment, including 330 different vendor technologies. Join a talented, dedicated, and diverse team of researchers, analysts, engineers, consultants and business professionals who are focused 100% on protecting our clients from cyber threats. We seek out the brightest minds and empower our teams with the tools and support they need to fight the bad guys and maintain our company’s leadership in the cyber security industry.

    Uniquely positioned to adapt as the industry evolves, we are also proud to be part of the Dell Technologies family. We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.”

    We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a

     

    Role Overview

     Be a part of an exciting and growing team that deals with information security attacks and incident response situations on a daily basis!  As a critical member of the team, you will receive alerts and respond to activity within the clients’ environment detected by using Secureworks Managed Security Services and tools. You will be responsible for investigating high alerts, determining the source of the threat, the extent to which client assets have been compromised, making recommendations and implementing remediation.

     

    Key Responsibilities

     

    This role will function as a SOC Analyst. You will receive alerts/events/tickets detected by Dell Secureworks Managed Security Services and respond by performing different activities within the client’s environment 
    In this position you will be responsible for investigating high alerts, determining the source of the threat, the extent to which client assets have been compromised, making recommendations for remediation, and assisting in the 
    Perform analysis of security events from multiple sources including but not limited to events from SIEM tools (Splunk, CTP, ArchSight, Q-Radar), network and host based IDS, firewall logs, system logs (Unix & Windows), mainframes, mid-range, applications and 
    Collaborate with Line of Business technical teams for resolution and mitigation of detected 
    Provide input for operational runbooks 
    Routinely interact with vulnerability and threat management teams and incorporate feedback into information security applications
    Supervise different incident response actions with internal and external teams while owning the responsibility for the incident/event until complete closure
    Knowledge sharing activities: participating in Community of Practice sessions recommended by TL 


    Qualification:

    years’ experience in  IT&C
    Previous experience in raw log files review, data correlation, and analysis (. firewalls logs, network flows, intrusion detection systems, system logs)
    Awareness of Information Security concepts (malware, emerging threats, attacks, and vulnerability management)
    Previous customer support experience including the resolution of customer escalations, incident handling and reporting

    Desirable Requirements

    Industry certification from vendors (ie: Cisco, Juniper, CompTIA, ITIL, Unix, Microsoft, Oracle, AWS 
    Experience in adjacent areas (Security Operations Center, Network Operations Center, System Administrator, Platform/Tool Support Engineer, IT Helpdesk support 
    Previous experience in following and procedures, step by step documentations, workflows and runbooks