Security Analyst (m/f/d) in Essen

Currently we are looking for one candidate who is able to cover the following position:

Project description:

This role sits within the IT Security team which is responsible for Operational Security. The purpose of this role is to provide the business areas with an effective IT security service within the operational environment and act as a Security Incident Response Analysis and Process Expert.

Your primary responsibilities:

-

Define and document the Security Incident and Response Playbooks required to support the SIEM implementation and work closely with the relevant IT Stakeholders and Incident Management teams in the roll out and integration
-

Define, document and update all processes required to support phase 1 and phase 2 of the SIEM implementation
-

Review and assess impact and remediation actions for incidents escalated by SOC Level 1 as part of ongoing use case refinement activities
-

Assist with the tuning of the approved use cases and assist in reducing the number of false positives
-

Work closely with the IT Security Operations Team Lead and support the IT Security Manager for the SIEM on security incident processes and response plans and processes
-

Support the implementation of the new SIEM
-

Other duties as assigned

Your key competencies:

-

Strong experience of investigating network threats with advanced analysis experience of multiple attack vectors such as Malware, Trojans, Exploit Kits, Ransomware and Phishing techniques, APTs, etc.
-

Good Experience in documenting security incident response playbooks
-

Good understanding of Firewalls and Network Security as well as of network protocols
-

Good Security Analysis experience to include incident classification, investigation and remediation.
-

Strong analytical, troubleshooting and problem-solving skills for security information and event management.
-

Experience with reviewing Intrusion Detection System, Intrusion Prevention, Firewall and other security logs and alerts
-

Experience of analysing alerts from a SIEM, identifying false positives and determining the appropriate remediation action to take
-

Good knowledge of attack vectors particularly MITRE Attack Framework
-

Knowledge of Cloud Services (AWS/Azure)
-

Knowledge of Cloud security principles, techniques and technologies
-

Knowledge and experience with Windows, Unix/Linux operating systems
-

Experience with Security Information and Event Management (SIEM) tools e.g. Splunk
-

Previous experience working as part of a SOC is a bonus but not essential
-

Experience working with MSSPs or Third Party Providers
-

Keep up to date with current threat intelligence
-

Knowledge required CompTIA Security+, CEH, CISSP

c parameters:

-

Location: Essen
-

Duration: 11.2020 - 04.2021
-

English CV

Important for your application:

In addition to your project history which emphasizes the required skills, we need a written self-assessment. The purpose of this self-assessments to convince the reader that you are the perfect candidate for the applied position.

The intensive cooperation with our customer showed that the self-assessments were of great importance during the selection process.

Your GECO contact person is looking forward to your feedback and your current CV (Word document) incl. your availability and your salary requirement / hourly rate:

Saifeddine Zitouni

040/764007-39

[email protected]

Alternatively, you can also upload your application documents encrypted on our portal, where you will also find other exciting positions: https://www.geco-group.com/it-specialists/jobs

Simply search for the appropriate project and click "Apply".