Senior Security Engineer

Professionals at Ackcent Cybersecurity have a common goal: to improve the security of our customers, protect their assets from cyber threats, and provide a high-quality service through communication and care for our customers. In this position, you will be part of our SOC Team in charge of security threat monitoring and incident handling, helping to secure and defend our clients' assets.

We are looking for professionals with experience in cybersecurity and a wide and deep understanding of Networks, Security Architecture, and Security Monitoring Tools.

As a key member of the Ackcent team, you will be in charge of leading the handling of security threats and incidents, improving and maintaining tools and procedures, and conducting forensics and malware analysis for further mitigation and threat containment. As a senior position, you will be able to train and support junior team members and will be involved alongside other Ackcent departments in different initiatives and decisions regarding internal and external Security Services.

• Analysis and verification of security threat monitoring alerts to produce incident identification, classification, and prioritization.
• Create, improve, and maintain security monitoring alerts based on the correlation of different sources of data.
• Operate and maintain various IDS/IPS, working closely with security/network architects to enhance security monitoring and defenses.
• Lead the response to security incidents and investigations, collaborating with customers and IT providers, following SLA requirements.
• Conduct forensics/malware analysis to extract indicators of compromise for further mitigation and containment, evaluating incident scope and impact.
• Report to the SOC Manager and the customer-involved CISO/CIO.
• Advise and train junior team members.
• Proactively monitor the cyber threat landscape by researching and studying the latest security threats and vulnerabilities to ensure operational tools and processes are up to date.
• Ensure contractual obligations and SLAs are met or exceeded.
• Manage priorities, deadlines, and deliveries.
• Manage and create improvements and procedures regarding SOC Tools and Operations.

• Computer/Telecommunications Engineering degree or a related discipline.
• More than 3 years of relevant experience in the field of information security.
• Experience working in a Security Operations Centre (SOC) environment.
• Strong technical understanding of network fundamentals and common Internet protocols.
• Knowledge of system administration and security architecture.
• Knowledge of the main security monitoring tools (FW, IDS/IPS, HIDS, WAF, SIEM).
• Experience or proven knowledge of at least one IDS technology.
• Scripting in Bash, Python, or PowerShell.
• Fluent in English (written and spoken).
• Self-motivated with the ability to work independently and as a team member in a challenging environment.

• Proficient in understanding Operating Systems and their architecture: Windows, Unix/Linux, and OSX Operating Systems.
• Windows server administration knowledge.
• Good understanding of the Cyber security landscape: Cyber kill chain, TTP, Threat Intelligence, and malware distribution networks.
• Good understanding of information security concepts: defense in depth, BYOD management, data loss protection, risk assessment, and security metrics.
• Three or more years working in a Security Operations Center (SOC) environment.
• Strong analytical and problem-solving skills.
• Strong communication, presentation, and leadership skills along with the ability to work in a highly collaborative environment.
• Exhibits initiative, follow-up, and follow-through with commitments.
• Manages multiple priorities in a high-pressure environment.
• Experience working with AWS or Azure infrastructure.
• Previous experience with malware reverse engineering.
• Related Certification (GCIH, GCFA, GCFE, GREM, CISSP) is a plus.

• Medical insurance
• Birthday day off
• A dynamic work environment where innovation and collaboration are at the core.