Security Analyst - Tier 1
Veröffentlicht:
08 November 2024Pensum:
100%Vertrag:
Festanstellung- Arbeitsort:Adliswil
Stimulating. Motivating. Challenging.
Leveraging its long-standing expertise in securing digital content as well as fighting piracy, Kudelski Security, a division of the Kudelski Group, is a provider of cybersecurity solutions and services focused on protecting data, processes and systems for companies and organizations around the world, safeguarding their assets at a time of increasingly remote communications.
Location: Adliswil, Switzerland
Mission
As a member of the MDR Operations team, the MDR Security Analyst Tier 1 is a Security Analyst in the Cyber Fusion Center and is dealing with escalated operational cases. Also, he is deeply involved in the global improvement of the MDR services, on both running services and new services definition/setup. In addition to possessing deep technical and cybersecurity knowledges, an MDR Security Engineer interacts extensively with clients and partners using polite professional etiquette.
Responsibilities
- Threat Monitoring
- Manage escalated cases to the Tier-2 queue
- Analyze and respond to security events from SIEM, EDR, FWs, IDS, IPS, AV and other security data sources.
- Deliver high quality Incident Handling and investigation
- Be the 2nd level of escalation Tier-1 Security Analysts
- Perform on-call for Threat Monitoring and Security Device Management escalation outside of business hours
- Service improvement
- Perform rules tuning of client SIEM in operation
- Support rules factory program in improving the global set of detection
- Validate Go-to-Active and Go-to-Prod gates of our new clients to ensure a smooth transition to operation
- Continuously improve incident templates in terms of content for the clients and in terms of automation to best support the operation
- Support rollout of new set of rules for MSS clients
- Qualify, analyze, and provide recommendations for new standard data source requests
- Support Product teams to build best new services to fit with Operations capabilities (needs, scalability, efficiency)
- General responsibilities
- Take responsibility for customer satisfaction and overall success of managed services.
- Be available, ready, and able to accept incoming clients calls
- Recommend improvements for Standard Operating Procedures
- Propose enhancement on tools and workflow
- Respond in a timely manner (within documented SLA) to support tickets.
- Document actions in tickets to effectively communicate information internally and to customers.
- Adhere to policies, procedures, and security best practices.
- Mentor fellow Security Engineers and Security Analysts.
Requirements / Profile
You are
- Passionate about Cybersecurity and providing excellent client satisfaction.
- Like the “nuts and bolts” of day-to-day tactical execution of MSS operation with an emphasis on providing world-class Managed Services.
- Self-driven, team oriented, and highly motivated professional familiar with Security Operations.
You have
- Minimum 3 years’ experience in information security managing and monitoring security devices or educational equivalent.
- Excellent client service skills
- Excellent analytical thinking and problem-solving skills
- Oral and written communication skills
- Excellent IT skills (network, protocols, infrastructure)
- Good knowledge of SIEM technologies
- Good knowledge in cyber security threats and tactics
- Good knowledge in Cloud and OT/ICS technologies
- Windows and Unix/Linux operating system experience
- Experience reviewing and analyzing log data
- Experience reviewing and analyzing network packet captures
- Very good level of English (oral and written)
These would be a plus:
- French or any other languages
Join us and be part of a rapidly growing company with locations in Switzerland and the United States and who leverages their unique history of innovation and engineering with a pragmatic view of client security, to adopt a different approach to cybersecurity and help change the security paradigm. When you join us, you'll be part of an industry leader that has a tremendous impact on how our clients approach Cybersecurity strategy.
If you love the challenge as much as the rewards and are ready to take your career to the next level, apply today.
Reference: 15068
Publication Date: 07-11-2024