Security Monitoring Analyst

Employer: Smartx Net Apps
Domain:
  • Internet - eCommerce
  • IT Hardware
  • IT Software
  • Job type: full-time
    Job level: 1 - 5 years of experience
    Location:
  • BUCHAREST
  • Updated at: 22.08.2019

    At SmartX, we are deploying and managing tens of nodes for delivering content everywhere in the world. The packman cloud at our profile speaks about how we’re working.

    Currently, we are looking for implementation of an exhaustive monitoring process of the company global network to find anomalous or malicious activity using various analytical methods and Security Information and Event Management (SIEM) tools in a high paced operational environment.

    What you should know: as part of a critical business function within Cyber Security, you have to provide your eagerness to learn and build skill-sets in an ongoing goal for overall perfectionism in the monitoring space. As we drive for visibility expansion, rapidly learn new technologies from cutting edge vendors and integrate the technologies with security monitoring.

    The most important: this is a place for people. Not a corporate, but an informal, chill, fun group, with a constant purpose: to use the best engineering methods and top-notch technologies to build amazing like what we’re doing, we like to be empowered, and we don’t like close supervision.

    This might be the place for you if:

    You have:

    • Unix/Linux administration experience;
    • 3 + years of experience directly related to Cyber Operations environment;
    • Ability to work in a team environment; ability to taking initiative to understand and master new operating systems, security applications, cloud security tools and open source tools;
    • Knowledge with Linux operating systems and common applications, working knowledge of and experience in detecting malicious code, threat vectors, and in-depth log analysis;
    • Knowledge of information systems security concepts and technologies; network architecture and tools; general database concepts; document management; hardware and software troubleshooting; intrusion tools; and open source alternatives.

    You might also have:

    • Bachelors Degree in Computer Science or related field;
    • Knowledge or willingness to learn: Linux iptables/netfilter, any IDS/IPS/NSM (preferably Suricata or Zeek – formerly Bro), any SIEM technology, Syslog, Shell scripting, Python, Ansible, OpenStack, Cloud Security Tools;
    • Experience with high traffic / high load environments;
    • Excellent problem solving skills.

    Your main responsibilities:

    • Collect security log data from the monitoring systems and applications;
    • Conduct security analysis of the collected log data, and generate reports;
    • Develop security alerts based on threat and security baseline;
    • Produce standard procedure for log collection, analysis and reporting/alerting;
    • Ensure technology employed by the Security Team compliments operational processes;
    • Perform basic network security analysis in support of Intrusion detection operations including the development and enrichment of indicators used to enhance the network security posture;
    • Ensure timely and effective identification of anomalies;
    • Provide security related recommendations to the team as threat events unfold;
    • Investigate anomalies and work with other Security Team members to eliminate threats;
    • Prioritise investigation of anomalies and communicate/escalate issues, concerns, including higher risk anomalies to the Security Team in clear, concise and risk-based language;
    • Contribute to a team of information security professionals analysing threat data, writing reports, briefing event details to leadership, and coordinating remediation activities across multiple organizations;
    • Assist manager in periodically reviewing standard operation procedures to ensure they are up-to-date and risk focused;
    • Regularly monitor various information security related web sites (SANS Internet Storm Center, Krebs on Security, SecureWorks, etc.) and mailing lists to stay up to date on current network threats, attack methodologies and trends;
    • On occasion, provide extended shift coverage with minimal travel required;
    • Stay abreast of the information security threat environment, risk trends and technology developments related to security monitoring.

    We have:

    • Benefits and professional development according to each individual’s needs;
    • Cozy workplace located within walking distance of many delicious restaurants and cafés;
    • In the days this doesn’t work for you, our office kitchen is always fully stocked with both sweet and savory snacks and drinks!