
Operations Security Analyst

Trigyn Technologies

Madrid

Remote

EUR 50.000 - 70.000

Full-time

Today

Vacancy description

A global cybersecurity firm is looking for a Security Operations Analyst to work remotely. This role requires expertise in monitoring AWS security events, analyzing security logs, and using various Microsoft security tools. Ideal candidates will have at least five years of IT experience and solid knowledge in incident response, with strong communication skills in English.

Education

  • A minimum of five years of relevant experience in the information technology field.
  • Expert knowledge of English, both written and spoken, is required.
  • Knowledge of email security, network monitoring, and incident response.

Responsibilities

  • Monitor and triage AWS security events and detections.
  • Review security events in a Security Information and Event Management (SIEM) system.
  • Analyze network and host-based security appliance logs.

Skills

AWS security events monitoring
Microsoft Security Tools
SIEM tools
Incident response
Scripting languages
Network monitoring
Linux/Mac/Windows knowledge
Cloud technologies
Communication in English

Tools

Splunk
QRadar
ArcSight
MS Sentinel
ELK Stack

Job description

Trigyn has a contractual opportunity for a Security Operations Analyst. This resource will be working remotely.

The incumbent will work under the supervision and guidance of the Head of Cyber Security

security, risk management consulting, and security operations activities in collaboration with a team of information and cybersecurity experts.

The resource will be part of the 24x7 Security Operations Centre (CSOC) and will work in close collaboration with team members distributed around the globe to monitor, detect, triage, investigate and respond to cyber threats targeting its Clients and Partner Organizations.

Monitor and investigate alerts leveraging Microsoft Security Tools (e.g., M365, Cloud App Security, Azure, Defender for Endpoint, Azure Security, Azure Sentinel and XDR)

Responsibilities & Qualifications
  • Monitor and triage AWS security events and detections
  • Review security events that are populated in a Security Information and Event Management (SIEM) system
  • Analyze a variety of network and host‑based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.)
  • Integrate and share information with other analysts and other teams
  • Knowledge of Transmission Control Protocol / Internet Protocol (TCP/IP) protocols
  • Deep knowledge of Microsoft Security Tools (e.g., M365, Cloud App Security, Azure, Defender for Endpoint, Azure Security, Azure Sentinel and XDR)
  • Deep knowledge of Cloud technologies (e.g., Azure, AWS and GCP)
  • Deep knowledge of SIEM tools like Splunk, QRadar, ArcSight, MS Sentinel, ELK Stack
  • Knowledge of email security, network monitoring, and incident response
  • Knowledge of Linux / Mac / Windows
  • A minimum of five (5) years of relevant experience in the information technology field, including triage of alerts and supporting security incidents
  • SIEMs, EDRs), able to autonomously perform technical analysis of security threats and collaborate with the Incident Response team
  • Extensive Windows, Linux, Database, Application, Web server, etc. log analysis
  • Expert knowledge of English, both written and spoken, is required
  • Knowledge of at least one general‑purpose or shell scripting language (e.g., Ruby, Bash, PowerShell, Python, etc.)

Proven knowledge of monitoring AWS environments (IaaS, SaaS, PaaS)

MCSE, CCNA, Microsoft Azure (e. g.,
