A leading IT services company seeks an Incident Response Security Analyst for a 4-6 month contract in Valencia, Spain. The role involves monitoring security events, conducting threat hunting, and coordinating with various stakeholders to manage incidents effectively. Ideal candidates possess a Master's degree and relevant hands-on experience in cybersecurity.
Position Id: G0625-0041
Job Type: 4-6 months (contract)
Country: Spain
Pay Rate: Open
Trigyn has a contractual opportunity for an Incident Response Security Analyst. This resource will be working at our client site in Valencia, Spain.
Job Description:
The position of the Incident Response Analyst is organizationally placed in the Cybersecurity Service. In this capacity, the Analyst will be primarily responsible for monitoring Information and Communications Technology (ICT) assets for indications of potential security incidents by using a variety of tools and analyzing various data sources. The Analyst will work with the Threat Hunting (TH) solution and various ICT groups, locally and globally, in the identification, analysis and interpretation of various security events. The Analyst will act as an escalation point for security incidents and will provide recommendations to enable effective and timely implementation of containment actions. The Analyst will identify trends and formulate periodic reports. The Analyst will also monitor various public resources for security alerts and other security-relevant information, including industry security alerts, security advisories, etc.
Specific responsibilities:
• Monitor and analyze various data sources for malicious or anomalous activities using existing tools (including Microsoft E5 security capabilities, endpoint management solutions), develop scripts and new detection techniques. Perform log parsing and correlation.
• Interpret data for security significance from sources including but not limited to endpoints, firewalls, IDS, TH solution and related tools, antimalware, Endpoint Detection & Response (EDR) tools, OS and application logs, data collected from various endpoints, and packet captures.
• Perform threat hunting activities.
• Participate in analysis of security incidents, security intelligence material, various information security reports, and other security relevant sources for purposes of formulating and providing early warning of security threats.
• Perform forensics including malware analysis.
• Make remediation recommendations and escalate incidents.
• Contribute to formulating incident management operating procedures and support operational teams in implementing incident response actions.
• Prepare security event and incident reports.
• Assist in coordinating incident response activities with various stakeholders.
• Liaise with internal IT groups and other constituencies including counterparts in partner organizations and third-party security services providers.
The function was also adjusted to reflect changes in the technologies used (threat hunting tools) and, of course, in scope (integration in a larger team, now also covering field mission and GSC).
Experience:
• Advanced university degree (Master’s degree or equivalent) preferably in computer engineering or Information Systems or Electrical Engineering is highly desirable. A first level university degree with a relevant combination of academic qualifications and experience may be accepted in lieu of the advanced university degree.
• Experience with networking, endpoints, operating systems is required.
• Knowledge of network security, and incident management concepts and practices.
• Hands-on experience with endpoint security solutions.
• Hands-on experience with IDS and threat hunting solutions/tools.
• Hands-on experience in log analysis, event characterization, correlation, and signature optimization and tuning.
• Knowledge of current malware threats, behavior, propagation, and malware protection techniques.
• Experience in monitoring of networks, operating systems, databases, applications, and security systems.
• Experience in Shell / Python scripting, and in use of regular expressions.
• Knowledge and experience of security incident management.
• Certifications like CISSP, CEH, GCIH, GCIA, GCFA, GREM, GCED are desirable.
TRIGYN TECHNOLOGIES is a multinational IT services company with resources deployed in 28 countries. TRIGYN is an ISO 9001:2015, ISO 27001:2022 (ISMS) and CMMI Level 5 certified company. TRIGYN has offices in the United States, Canada, Switzerland and India.