Cyber Security Incident Response Analyst

  • Offer: Depends on experience
  • Job category: IT
  • Employment type: Full-time
  • Vacancy number: 9701900
  • Location: Eindhoven
  • Contract: Via YER
  • Industry: Construction

About this vacancy

As a Cyber Security Incident Response Analyst you will report directly to the Director, Security Operations Center (SOC), and work under the daily operational control of the Incident Response Team Leader. You will be part of a team that focuses on handling escalated Security Incident Response activities for the enterprise. You will also support any Security Event Management and remediation activities that may occur.

Role

As the Cyber Security Analyst you will be challenged to work with our partners’ and suppliers’ security resources to achieve a seamless global Security Incident Response capability. You will focus on security incident management, ensuring that incidents are timely and properly identified, analyzed and remediated. You tackle the potentially damaging and difficult attacks a multinational organization experiences on a regular basis.

Your Responsibilities:

Participating in monitoring, triaging and incident response activities, including:

• Handling escalated Security incidents from Level 1 and Level 2 Analysts (outsourced)

• Collecting, documenting, and sharing preliminary data for security incident investigators

• Contributing to our efforts to automate detection of, and response to, malicious activity

• Partnering with the IT Incident management team, making sure incident alignment is in place if needed

• Ensuring comprehensive, real-time status updates and reporting to SOC Management and key stakeholders

• Standardizing initial response for basic security alerts/reports, in order to automate

• Recommending new use cases for SIEM for previously unidentified indicators

• Working with partners in IT and Engineering to improve log coverage and quality

• Identifying and helping to implement improvements to our IR processes and procedures

Company

Light isn’t just something to see by. It can lift our senses, heighten our mood, improve our well-being and give us a real sense of time and place. The right lighting even improves our ability to learn and speeds our recovery from illness. In short, it has a fundamental impact on how we live. That’s why at Philips Lighting our mission is to simply enhance life with light.

Offer

You will be employed by YER and seconded to Signify. We offer:
  • Good employee benefits (e.g. work-life balance, pension)
  • Challenging assignments
  • Excellent guidance from your consultant and YER's back office
  • Development opportunities, including the YER Talent Development Programme with a personal coach
  • Intensive support for international candidates (including Dutch lessons, tax-return and accommodation assistance)
  • A cooperative, results- and relationship-driven working environment
  • Friendly atmosphere and open culture
  • Community/network with other technology professionals from a variety of multinationals
  • Events and master classes with interesting speakers and attractive companies

Profile

Qualifications

• Bachelor’s degree in Computer Information Systems or a related discipline, or equivalent experience

• 3+ years in IT / Information Security roles, with 1-3 years of experience in Incident Response at a Level 1 or higher Analyst capability within a SOC

• CISSP, GIAC, CEH, or similar Information Security certification is preferred

Competencies

• Deep knowledge of IT / Information Security, tooling and processes

• Subject Matter Expert in Incident Response

• Analytical, solution and service oriented

• Strong teamwork and collaboration skills

• In-depth knowledge and understanding of cyber-attack vectors, malware analysis, cybercrime networks and methodologies

• Familiarity with SIEM platforms (LogRhythm, ArcSight, QRadar, etc.) and supporting tooling (Splunk, endpoint forensics tooling, commodity malware and APT detection platforms)

• Expertise in Endpoint Detection and Response tools (e.g. CarbonBlack, CrowdStrike, FireEye Endpoint Security)

• Must understand APT solutions such as FireEye, Palo Alto Traps, Cisco AMP

• Familiar with the Microsoft platform (Windows, O365, Teams, Azure, etc.)

• Good written and verbal communication skills

• Available outside working hours if needed
