Advanced Incident Handler

3 weeks ago


Spain Ambit BST Full-time

We are looking for an "**Advanced Incident Handler**" who will provide service to a multinational pharmaceutical company as a member of the Cyber Intelligence & Security Operations Center team.

**MISSION**:

- Working collaboratively to detect and respond to information security incidents and vulnerabilities following operational procedures.
- Perform tasks including research, classification and analysis of security events that occur on the network or endpoint.
- Accountable for managing security incidents, including Major Security Incidents, and coordinating the response with other teams. Activities include analysis and interpretation of security-related events, identifying trends and taking corrective action.
- Working in close collaboration with the IT Team members and stakeholders to deliver and implement technology solutions in support of the business objectives to improve productivity and enhance processes.
- Understand frameworks and follow defined processes. Ensure compliance with documentation requirements and guarantee that documentation is produced as required by the SOPs and working instructions.

**SKILLS**:

- At least 5 years of professional experience providing services in a SOC.
- Solid understanding of Linux and Windows operating systems, common networking protocols, vulnerability management and deep packet inspection technologies.
- Experience in the following areas: Security Incident Response (live triage, memory analysis, disk analysis and network traffic analysis), Malware analysis (Understanding of malware Kill Chain, Exploit kit, download, install, call back, C&C).
- Experience in the principles of network and endpoint security, current threat and attack trends, and working knowledge of security principles such as defence in depth and causes of security events.
- Advanced knowledge of common system exploits, network attacks, phishing techniques and malware.
- Advanced knowledge of security incident handling concepts.
- Programming experience in scripting languages like Python, PowerShell or Bash.
- Nice to have:
- Security certifications like SOC-200, GCIH, E|CIH, IHRP, OSCP or CEH.
- Knowledge in AWS/Azure technologies is desired but not mandatory.
- Knowledge in OT (Operational Technologies) / ICS (Industrial Control Systems)

**SCHEDULE**:

- 08/09h - 17/18h from Monday to Friday (flexible)
- 1 day of office work | 4 days remote.

**CONDITIONS**:

- Salary package based on your profile
- Permanent Contract
- Ticket restaurant included in-office hours
- Flexible Retribution Program (medical insurance, public transport ticket and childcare check)
- Discounts on gym network (Andjoy)
- Learning & Development
- Our goal is that you are well in every way

