Security Monitoring Operator
- Job location: Bratislava
- Work time: Full time
- Contract type: Fixed term
Job posting title
Security Monitoring Operator
Job summary
We are looking for an enthusiastic IT security fan to join our Threat Analysis & Services team as Security Monitoring Operator. Together with us, you will participate in the creation of new products/services and you will have access to the most modern technologies in the field of computer security.
Job description
Functional Responsibilities and Duties
• Work in global 24/7 MDR center and participate in shift operation under the supervision of senior colleague.
• Work with security monitoring systems EDR, XDR, SIEM, SOAR and other systems.
• Investigate security incidents and document adversary activity in monitored environments and escalate to the next analytic tier.
• Analyze client data and evaluate potential security threats.
• Participate in continuous development and improvement of monitoring solution.
• Participate in continuous monitoring, hunting, threat hunting, threat intelligence and other activities under supervision and mentoring.
• Participate in design and maintenance of low-level EDR, XDR and correlation SIEM rules.
• Actively participate in toolset and ruleset improvement and fine-tuning of the MDR Security Toolset.
• Participate in development and improvement of Incident Response guidelines and playbooks.
• Perform triage of malicious code encountered in client environments.
• Cooperate with colleagues performing in-depth analysis of malicious code.
• Prepare reports for the customer/communication with the customer about incidents.
• Cooperate in the development of security monitoring services and the system of reporting on security threats.
Requirements
Education
• Education in IT security field is an advantage.
• IT Security certificates or other technological certificates are an advantage – CEH, Windows, Unix, Network Security.
• Cybersecurity certification (GIAC, RHCE, CompTIA, CRTO, Offensive Security, Security Blue Team, security vendors and other relevant certification) is an advantage.
• Forensics analysis or Incident Response – an advantage.
Experience
• Working in SOC – advantage.
• Working with and evaluation of outputs of security monitoring systems – advantage.
• Experience with SIEM or SOAR systems is an advantage (Splunk, QRadar, Elasticsearch, ArcSight, LogRhythm, Palo Alto Cortex XSOAR, other).
• Experience with CTFs or similar cyber security competitions (Hack The Box, Virtual Hacking Labs, TryHackMe) is an advantage.
Knowledge
• Basic knowledge of the inner workings of Windows/Linux systems (how things work) – processes, registry, filesystem, services, scheduling, etc.
• Basic experience with scripting (PowerShell, Python, JavaScript, Bash, Lua, other) is an advantage.
• Basic knowledge of computer networks (IP addresses, ports, protocols, MAC addresses, ...).
• English – Upper intermediate (B2).
Personal characteristics
• Willingness to participate in 24/7 shift handling monitoring client environments.
• Interest in continuous education in the field of computer security.
• Analytical thinking with an eye for detail.
• Patience when processing a lot of data.
• The ability to communicate with the customer.
• Independence.
• Desire to learn and gain experience in the field of digital forensics and incident response.
• General interest and overview of computer security field.
Employee perks, benefits
• Please visit our website: https://www.eset.com/sk/o-nas/kariera/benefity/
Basic wage component (brutto): from 1600 EUR
* The final basic wage component can be increased according to the individual skills and experience of the selected candidate.
* Performance bonus 2 times per year, up to 10% of the basic salary paid for the evaluation period (usually 6 months).
Job requisition
JR-04311 Security Monitoring Operator (Open)
Primary location
Bratislava
Additional locations
Time type
Full time