Information Security Advisor

Employer: Secureworks
Domain:
  • IT Hardware
  • IT Software
  • Telecommunication
  • Job type: full-time
    Job level: 1 - 5 years of experience
    Location:
  • BUCHAREST
  • nationwide
    Updated at: 27.11.2021
    Short company description

    Secureworks® (NASDAQ: SCWX) is a global cybersecurity leader that protects customer progress with Secureworks® Taegis™, a cloud-native security analytics platform built on 20+ years of real-world threat intelligence and research, improving customers’ ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.

    We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.

    Requirements

    Qualification:

    3-5 years of Information Technology experience with network technologies.
    Previous experience in raw log files review, data correlation, and analysis (i.e., firewalls logs, network flows, intrusion detection systems, system logs).
    Solid understanding of Information Security concepts (malware, emerging threats, attacks, and vulnerability management).
    Previous experience in elaborating and maintaining procedures, documentations, workflows, and runbooks.
    Previous customer support experience including the resolution of customer escalations, incident handling and reporting.
    Experience in customer interaction and business communication with customer stakeholders and setting correct expectations.

    Desirable Requirements:

    Industry certification from vendors (ie: Cisco, SANS, CompTIA, ITIL, Unix, Microsoft, Oracle, AWS).
    Experience in adjacent areas (Security Operations Center, Network Operations Center, Platform/Tool Support Engineer.

    Responsibilities

    In this position you will be responsible for investigating alerts, determining the source of the threat, the extent to which client assets have been compromised and making recommendations for remediation.
    Advice on analysis of security events from multiple sources including but not limited to events from SIEM tools, network and host-based IDS, firewall logs, system logs (Unix & Windows), mainframes, mid-range, applications, and databases.
    Perform analysis on potential malicious e-mails reported by the customers.
    Leverage customers’ internal tools in order to provide a thorough investigation on potential phishing attempts.
    Collaborate with Line of Business technical teams for resolution and mitigation of detected issues.
    Create and submit complex recommendations (technical/process) that trigger relevant improvements in the customer security posture.
    Elaborating runbooks.
    Routinely interact with vulnerability and threat management teams and incorporate feedback into information security applications.
    Supervise different incident response actions with internal and external teams while owning the responsibility for the incident/event until complete closure.
    Knowledge sharing activities: creating and delivering new content for Community of Practice sessions.
    Subject Matter Expert for 1 technology in scope.