Cyber Threat Hunter

  • Full Time
  • Lisboa
  • 2020-11-18 to 2020-12-17
  • Computer Science / IT
  • Bachelor's degree
Truphone
696616

The Truphone Cyber-security Team is looking for a new key member to join its Cyber Defence Centre (CDC), help us provide continuous cyber-security monitoring and improve the effectiveness of the Truphone Computer Security Incident Response Team (CSIRT).

You will report to the Truphone CISO and work closely with the security and technology teams to develop effective monitoring controls for specific business services and technical stacks. You will interact very closely with Truphone security engineers.

You will be expected to analyse events and alerts, classify and triage them accordingly, and create reporting KPIs and dashboards to monitor the progress and effectiveness of the CDC.

This is an exciting opportunity to join our Cyber-security Team in Lisbon and be a key member of our Cyber Defence Centre. Rest assured you will never be bored: you will work with SIEMs, endpoint security tools, vulnerability management, cloud solutions, scripting and much more. You will also be required to participate in several national and international CERT teams and groups, and to help create from scratch the evolution strategy for the CDC.

We are looking for someone who is hands-on and can fully support our Security Engineer in developing our SIEM integrations, build custom scans and scripts (Python should be a close friend of yours), and maintain and operate our stack of monitoring tools.

Don't forget to bring your passion and ambition to protect a fast-growing multinational organisation.

Key Responsibilities

Advanced cyber analytics: drive the hunting of threats to both Truphone and its customers;
Characterise suspicious activity, identify threats, and develop network- and host-based IOCs and IOAs;
Identify malicious activity from memory dumps, logs and packet captures;
Perform manual discovery of open-source threat intelligence;
Through review and analysis of cyber threats, provide both internal and external parties with the key information they need to respond;
Participate in a close team of technical specialists (the Truphone CSIRT) on coordinated responses to security incidents and their subsequent remediation;
Monitor and fine-tune Truphone cyber defence technologies (network monitoring system, SIEM, endpoint security, vulnerability scans, external cyber hygiene scans, etc.) and respond to alarms; work with our security engineers to develop, deploy and monitor new security technologies;
Work with Truphone technical teams to identify threats, develop or recommend countermeasures, and perform advanced network and host analysis in the event of a compromise.

Requirements:

2 to 5 years of experience;
Background in computer engineering or a similar field;
Understanding of the key concepts of SIEM, NMS, vulnerability management and endpoint security tools;
Expertise in SIEM integrations with standard technologies (FortiSIEM is a plus);
Expertise in system logging configuration and the ELK stack;
Knowledge of Python and similar scripting languages;
Knowledge of system administration (namely Linux and Microsoft Windows); and
Understanding of CSIRT processes and procedures.
