Threat hunter
Anegino advertisement no.
AG85EK64
Industry
Services
Job description
Teleperformance Group is looking for a Threat hunter
PURPOSE OF POSITION:
As a Threat hunter, you will proactively search for cyber threats to find malicious actors in the network that may go undetected by conventional network security monitoring or defenses. You will be a key contributor to an experienced Security team.
PRIMARY DUTIES, RESPONSIBILITIES AND REQUIREMENTS
• Proactively drive threat hunting and analysis
• Leverage threat intelligence resources to research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure
• Utilize the SIEM platform to identify threats, determine the attack vector, scope of activity and risk, and compile findings into a shareable report
• Work with other Security teams to identify threats, develop cyber defenses, and perform advanced network and host analysis in the event of a compromise
• Recommend system tuning/customization and data collection improvements
• Improve and expand the team’s threat intelligence, hunting and response toolset
• Support the team in conducting Advanced Persistent Threat (APT) analysis and investigation
• Provide support in the detection, response, mitigation, and reporting of cyber security incidents affecting enterprise and subsidiary networks
• Assist in the education of staff on cyber threat hunting
EDUCATION
• Required: Bachelor's degree or similar education in Computer Science, Information Technology, or equivalent
EXPERIENCE
• 2+ years operational experience as a Threat Hunter
• Advanced experience of current threats, vulnerabilities, attack trends, and Advanced Persistent Threat (APT)
• Familiarity with: NetFlow, DNS, IDS/IPS, Proxy, Mail, PCAP and Windows Logs
• Working knowledge of networking concepts and web technologies.
• Experience with regular expressions and scripting languages, including Python or PowerShell
• Experience with Windows Enterprise security or systems administration
• Experience with SIEM and SOC, including QRadar, Splunk ES, or ArcSight
• Experience with data hunting, including ELK, Splunk, Apache Spark, or AWS Stack
• Experience with scripting, including PowerShell, Python, or REST APIs
• Experience with endpoint telemetry, including Carbon Black, HX, Falcon, or Endgame
• Experience with network hunting, including Bro logs, NetFlow, PCAP, or Palo Alto firewalls and proxies
• Experience with offensive tools, including Mimikatz, Metasploit and Empire
TECHNICAL COMPETENCIES
• Knowledge of TCP/IP protocols and data communications schemes.
• Familiarity with packet analysis and the use of deep packet inspection toolsets is preferred.
• Problem solving/critical thinking capabilities in complex environments.
• Self-driven and fully accountable for independent effort performed as part of a geographically dispersed virtual team supporting
• Proficiency in the use and production of visualization charts, link analysis diagrams, and database queries.
PERSONAL/PROFESSIONAL COMPETENCIES
• Excellent verbal and written communication skills in English.
• Ability and willingness to share on-call responsibilities, and work non-standard hours.
Interested? Apply by sending your CV through Anegino by 17.10.2020
Please specify the position you are applying for!
Application deadline: 17 October 2020