€25K - €55K
Our cybersecurity team, Cipher (Prosegur Group Cybersecurity Company), launches a project based on the quality of the security of assets, information systems, processes and, of course, people.
Cipher represents the ambition to lead the cybersecurity industry.
A more specialized and recognized brand in cybersecurity
With an experience of 18 years in the market
With global presence including the United States.
A team of professionals with the highest certifications in the industry
An important portfolio of security solutions with global leadership in Managed Cybersecurity Services
Greater investment in R&D.
We are looking for an Expert/Analyst in cybersecurity
Model and create use cases.
Maintain the state of use cases.
Manage global alerts from customers.
Analyze alerts to ensure their reliability.
Ensure the integrity of the consolidated information.
Investigate sequences of occurrences.
Complete and improve information on portal.
Generate and maintain response playbooks, procedures and "what to do".
Enable the global context of security at the customer.
Liaise with the CSM, analyst and integrator.
Exchange of information with the customer. Use cases in production.
Daily sessions with team. Weekly with client.
Evaluation of global rules, use cases and behavior for improvement.
Deployment of infrastructures and supervision of analyst activity.
MITRE & Defend frameworks. Experience in working methodology with TTPs.
Phases of an attack (Cyber Kill Chain).
OSINT, GEOINT, HUMINT, MASINT and SIGINT tools (intelligence gathering tools). Management of solutions focused on Deep Dark Web, underground forums, non-indexed engines, etc. (Intel).
Deep knowledge of hunting methodologies and evidence analysis.
Experience in SIEM and EDR search engine research (Elastic, QRadar, Cytomic, CrowdStrike, Cybereason, Defender).
Experience in searching under EQL and EKL type language.
Experience in managing and configuring alerts in event monitoring systems. CSIRT, L1 or L2.
Experience in creating, managing and deploying use cases, alert thresholds, correlation rules, simple rules, etc.
Experience in event parsing and normalization.
Knowledge in system defense and attack, knowledge in offensive security. Adversary simulation and attack ontology.
Knowledge of network protocols (OSI layer) and experience with perimeter security equipment such as firewall (IDS/IPS), WAF, etc.
Experience of operating systems and communications.
OSCP, CompTIA Security+, CEH, CCH, Incident Handling certifications desirable.
6+ years working on these tasks and previous experience in security management, administration or operation.
Speak and understand conversations in English.
What do we offer?
Competitive salary based on your expectations and experience
Well defined career paths
100% remote work
If you have interest in our offer you can apply or you can contact me directly.
25000 - 55000 €/year
This job posting is more than 30 days old and has probably been filled. Try applying to recently posted job offers.