Cyber security engineer
BIT SENTINEL is an information security company that aims to protect businesses against cyber threats by offering a variety of services including penetration testing, malware protection, cyber attack recovery, 0-day attack mitigation, security audits, training and even preparing various competitions. For us, working together to ensure a secure & brighter future is no longer a cliche; we enjoy exploring innovations and are permanently developing towards testing new technologies. We believe that technology is essential for driving human progress, and we’re doing our best to bring it one step closer to secure.
Requirements
2-5 years of experience in IT
Solid understanding of network services, vulnerabilities and attacks;
Previous experience with raw log file review, data correlation and analysis, as well as with network security tools, network traffic analyzers, firewall logs, network flows, intrusion detection systems, system logs, memory dumps, vulnerability management (e.g., Rapid7, Nessus, Qualys, Acunetix), SOAR platforms (e.g., Splunk Phantom, Palo Alto Demisto), SIEM (Splunk ES, ElasticSIEM, etc.) and open-source equivalents
Previous experience in creating and maintaining procedures, documentation, workflows and runbooks.
Previous customer support experience including the resolution of customer escalations, incident handling and reporting.
Good knowledge of Bash (Unix shell) scripting, Python, PowerShell
Good understanding of automation
Familiarity with general application and network security concepts
Strong organizational skills and detail-oriented
Strong presentation, written and verbal communication skills
Self-starter, doesn’t want to be micromanaged
Excellent team player
You will have to manage and monitor security alerts from key information security dashboards (IDS, antivirus, EDR, centralized logging, etc)
You will have to investigate alerts escalated from L1/L2, determining the threat source, the extent to which client assets have been compromised, adding recommendations for remediation as well as assisting in the implementation
You will participate in incident response activities
You will have to analyse and supervise different incident response actions with internal and external teams while owning responsibility for the incident/event until complete closure.
You will have to come up with ideas to automate and integrate security tools and activities
You will be able to define, develop and strengthen internal security processes, programs, procedures, documentation, workflows
You will either assist with or perform constant risk assessments, threat modeling, privacy assessments and information security reviews for our new and existing customers
You will be able to get involved and provide recommendations to improve existing capabilities for monitoring, detection and/or response to cyber threats
You will constantly interact with vulnerability, threat management and red teams and perform malware investigations, penetration testing, and threat hunting
You can research and develop new playbooks, runbooks and automation if you see the opportunity
You will work on special R&D security projects on an ad hoc basis
You will need to communicate, lead and support your colleagues with information security best practices
You will have to keep up to date with existing security threats and evolve network security posture accordingly
The office is located in the central area of Bucharest. For CV or any other inquiries, please send us an email at contact [at] bit-sentinel dot com.