Advance Incident Handler

What is the scope of this project?

As member of Cyber Intelligence & Security Operations Center (CI&SOC) team his main duties will be:

- Working collaboratively to prevent, detect and respond to information security incidents following operational procedures.
- Perform tasks including research, classification and analysis of security events and vulnerabilities that occur on the network or endpoint.
- Accountable to manage security incidents, including Major Security Incidents and coordinate response with other teams. Activities include analysis and interpretation of security-related events, identifying trends and taking corrective action.
- Working in close collaboration with the IT Team members and stakeholders to deliver and implement technology solutions in support of the business objectives to improve productivity and enhance processes.
- Understand BI framework and follow defined processes. Ensure compliant documentation requirements and guarantee its production as required according to the SOPs and working instructions.L4 DepartmentSpecify L4 Department
- MUSTs Service RequirementsIt is important to clearly identify MUSTs skills/knowledge/ tools/certifications. They should be independently listed making a clear differentiation
- Professional experience of 5 years (at least) providing services in a SOC (Security Operations Center).
- Excellent spoken and written English.
- Advanced knowledge of common system exploits, network attacks, web protocols, phishing techniques and malware.
- Security certifications like SOC-200, GCIH, E|CIH, IHRP, OSCP or CEH.
- Analytical thinking, good communication, problem solving, results oriented, agility and teamwork skills.
- Professional experience of 5 years (at least) providing services in a SOC (Security Operations Center).
- Excellent spoken and written English.
- Solid understanding of Linux and Windows operating systems, common networking protocols, vulnerability management and deep packet inspection technologies.
- Experience in the following areas: Security Incident Response (live triage, memory analysis, disk analysis and network traffic analysis), Malware analysis (Understanding of malware Kill Chain, Exploit kit, download, install, call back, C&C).
- Experience in the principals of network and endpoint security, current threat, and attack trends, and working knowledge of security principals such as defence in depth and causes of security events.
- Advanced knowledge of common system exploits, network attacks, web protocols, phishing techniques and malware.
- Advanced knowledge of security incident handling concepts.
- Programming experience in scripting languages like (Python, PowerShell or Bash) '¢ Experience working in a virtual, international and multicultural environment.
- Analytical thinking, good communication, problem solving, results oriented, agility and teamwork skills.
- Security certifications like SOC-200, GCIH, E|CIH, IHRP, OSCP or CEH.
- Knowledge in OT (Operational Technologies) / ICS (Industrial Control Systems) is a plus, but not mandatory.
- Knowledge in AWS/Azure technologies is desired but not mandatory.

**Salary**: Up to 400.00€ per day

Ability to commute/relocate:

- 08174 Sant Cugat del Vallès, Barcelona: Reliably commute or planning to relocate before starting work (required)

Work Location: Hybrid remote in 08174 Sant Cugat del Vallès, Barcelona