Job description
Summary
As a Senior Cyber Security Analyst, you will perform investigations and forensic analysis during information security incidents for Microsoft's Cloud + On-Prem Datacenter of Pharmacity. Your passion for finding creative approaches will shine as you gather evidence and build a picture about what transpired. You will be responsible for fusing multiple sources of evidence to determine how a security incident occurred and what steps need to occur to remediate it. You will also be responsible for building capabilities that close information gaps, strengthen our cloud defenses, and defend customers from emerging security threats. CyberSec is a fast-paced team that constantly provides new opportunities to learn and grow.
Main Responsibilities
Reviewing massive log files, pivoting between data sets, and providing evidence for incident investigations.
Reviewing DoD, NIST and open-source intelligence for threats.
As part of incident investigation, analyzing threat intelligence, correlating actionable security events, and reviewing network traffic alerts to identify compromises in Pharmacity's networks or hosts.
Identifying Indicators of Compromise (IOCs) and integrating those into sensors and SIEMs.
Utilizing alerts from end points, IDS/IPS, netflow, and custom sensors to identify compromises on networks/endpoints.
Triaging alerts to identify malicious actors on networks.
Plan and implement security measures.
Performing incident reporting in accordance with CyberSec requirements.
Create, test and implement network disaster recovery plans.
Perform risk assessments and testing of data processing systems.
Requirements
Proven ability to evaluate, respond to, and mitigate alerts that originate from the SIEM and the cyber security product suite, e.g., NGFWs, IDS/IPS, anti-virus, web application firewalls, NAC solutions, EDR, etc.
Up-to-date understanding of a wide range of incident response, system configuration, vulnerability management and hardening guidelines
Ability to demonstrate subject matter expertise on one or more functions performed by the SOC
Able to handle multiple tasks, delegate to the team, and make sure deadlines are met.
2+ years of prior security experience, including hands-on experience in security operations or incident response in large enterprise environments
Demonstrated experience with log analysis and event correlation using a SIEM (Splunk, ArcSight, SumoLogic, QRadar, Wazuh, etc.) to detect potentially malicious behavior.
Hands-on experience with NGFW firewalls, IPS, WAF and next-gen endpoint security solutions
Experience with endpoint detection and response (EDR) tools such as Carbon Black or CrowdStrike
Benefits
Laptop, insurance, allowances, bonus scheme, health care, salary raises, annual leave
Other information
Recruitment information
Location: Ho Chi Minh City
Salary: Competitive
Application deadline: [protected info]
Position: Staff
Employment type: Full-time employee
Experience: 2 - 5 years
Number of openings: Being updated
Education: Bachelor's degree
General information
- Expiry date: [protected info]
- Income: Competitive