¡Activa las notificaciones laborales por email!
Security Operations Analyst M / F
Trigyn Technologies
Madrid
A distancia
EUR 68.000 - 104.000
Jornada completa
Genera un currículum adaptado en cuestión de minutos
Consigue la entrevista y gana más. Más información
Descripción de la vacante
A cybersecurity firm is looking for a Security Operations Analyst to work remotely. The role requires monitoring and investigating cyber threats using security tools like Microsoft Security Tools, analyzing AWS security events, and collaborating with the Incident Response team. Candidates should have a minimum of five years in IT, expert English skills, and familiarity with scripting languages. Certifications such as MCSE or CCNA are preferred.
Formación
- Proven knowledge of monitoring AWS environments (IaaS, SaaS, PaaS).
- Deep knowledge of incident response.
- Expert knowledge of English, both written and spoken.
Responsabilidades
- Monitor and respond to cyber threats targeting clients.
- Utilize Microsoft Security Tools for monitoring security.
- Analyze security appliance logs and events.
Conocimientos
Educación
Herramientas
Trigyn has a contractual opportunity for a Security Operations Analyst. This resource will be working Remotely.
The incumbent will work under the supervision and guidance of the Head of Cyber Security
security, risk management consulting, and security operations activities in collaboration with a team of information and cybersecurity experts.
The resource will be part of the 24x7 Security Operations Centre (CSOC) and will work in close collaboration with team members distributed around the globe to monitor, detect, triage, investigate and respond to cyber threats targeting its Clients and Partner Organizations.
Monitor and investigate alerts leveraging Microsoft Security Tools (e. g. M365, Cloud App Security, Azure, Defender for Endpoint, Azure Security, Azure Sentinel and XDR)
- Monitor and triage AWS security events and detections
- Review security events that are populated in a Security Information and Event Management (SIEM) system
- Analyze a variety of network and host‑based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) Integrate and share information with other analysts and other teams
- Knowledge of Transmission Control Protocol / Internet Protocol (TCP / IP) protocols
- Deep knowledge of Microsoft Security Tools (e. g. M365, Cloud App Security, Azure, Defender for Endpoints, Azure Security, Azure Sentinel and XDR)
- Deep Knowledge of Cloud technologies (e. g. Azure, AWS and GCP)
- Deep knowledge of SIEM tools like Splunk, QRadar, ArcSight, MS Sentinel, ELK Stack
- Knowledge of email security, network monitoring, and incident response
- Knowledge of Linux / Mac / Windows;
- A minimum of five (5) years of relevant experience in the information technology field, including triage of alerts and supporting security incidents
- SIEMs, EDRs), able to autonomously perform technical analysis of security threats and collaborate with the Incident Response team
- Extensive Windows, Linux, Database, Application, Web server, etc. log analysis
- Expert knowledge of English, both written and spoken, is required
- Knowledge of at least one general‑purpose or shell scripting language (e. g. Ruby, Bash, PowerShell, Python, etc.)
Proven knowledge of monitoring AWS environment (IaaS, Saas, Paas)
MCSE, CCNA, Microsoft Azure (e. g.,
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
