Information Security Analyst

ID: Information Security Analyst

Full time

Bucharest

Middle, Senior

06-08-2024

As Security Analysts, we analyse and review reports, logs and various sources of informative data relating to security events. We must be knowledgeable of current security issues and compliance-related information and possess the ability to respond to security issues as needed. In our team, the analyst uses, implements, reviews, or evaluates systems to identify threat actors in their attempts at infiltrating user, customer, or corporate information or jeopardising product infrastructure. The analyst researches and responds to attempted or successful efforts to compromise systems and protocols. The analyst performs and validates vulnerability assessment scans and works with internal teams to resolve potential risks and vulnerabilities. The analyst partners with teams to remediate identified risks and provides reports to management and customers on the impact of breaches or risks to confidentiality, integrity, availability, or disruption to delivery of services.

Responsibilities

What You Will Do:

Vulnerability management monitoring, review and follow-up
Supervise current and trending remediation efforts
Report to customers on security status of the environment including, trend analysis, remediation efforts, and newly discovered vulnerabilities
Frequently document and communicate product security risks, collaborating with internal and external partners
Serve as a technical specialist for analysing and identifying security vulnerabilities in web applications, operating systems, and networks
Review security events that are populated in a Security Information and Event Management (SIEM) system to develop accurate remediation actions
Review, respond, and build alerts
Independently follow procedures to contain, analyse, and eradicate malicious activity
Conduct proactive threat research using real-world security data and systems automation

Requirements

A college degree or equivalent experience in cyber security
Verbal communications skills and concise written communication skills
Business savvy and an eye for detail with timely execution
Able to deal with high priority, time-sensitive issues
Ability to multitask and switch between multiple high priority projects
Organisation and multi-tasking skills
A solid grasp and experience assessing vulnerabilities and identifying weaknesses in various operating systems, platforms, databases, servers, etc
Understanding of the current threat and vulnerability landscape
Experience with and understanding of database systems, web servers, application servers, firewalls, routers, load balancers, switches, etc
Understanding of Application Security and the OWASP top 10 principles
Experience with enterprise endpoint detection tools
Dependability: Meet commitments, work independently, accept accountability, be adaptable to change, set personal standards
Ability to effectively report trends regular reporting
An Understanding of industry standard methodologies in application & operations security
Knowledge of emerging threats, mitigations and industry trends
Solid grasp of Windows and Linux operating systems

Other Beneficial Qualifications

Demonstrated ability in testing proof of concept exploits to identify potential vulnerabilities • Proficient in scripting(any): Python, Ruby, Pearl, PowerShell
Certifications (any): CEH, GCIH, Security+, CCNA Cyber Ops, GWAPT, GPEN, OSCP, OSWE
Solid grasp of public cloud infrastructure and architecture (AWS, Azure, GCP) and associated security concepts and challenges

Apply with LinkedIn