Active Defense Consultant

Active Defense Consultant

49_743999848120776

Obowiązki

The Active Defence Consultant is responsible of assessing and reducing threats of Eurofins. The team is also responsible for: Network Reconnaissance, Proactive Penetration Testing (Purple Team), Anomaly Analysis, and Trapping and Coercion

Wymagania

Required Professional Expertise:

• B.Sc. or comparable education in Information Technology or Information Security.
• General IT Ingra experience of 10 years onwards
• Minimum of 4-5 years of professional experience as an s IT Security Analyst, Active Defense Analyst, or Security Intelligence Analyst.
• Relevant experience in one or more of the following areas: threat intelligence, intrusion analysis, incident response, malware analysis, security and network operations, penetration tester, or similar roles.
• Demonstrated understanding of the threat intelligence life cycle, network threats, attacks, attack vectors, and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures (TTPs).
• Knowledgeable in security incident response process, procedures, and life cycle, including performing security audits as part of the red team.
• Good understanding of both Windows and Unix/Linux-based operating systems.
• Understanding of IP networking concepts, including addressing, routing, common protocol usage, use of proxies, load balancers, firewalls, routers, and switches in network architecture.

Technical Skills:

• Set up honeypots Top 1
• Monitoring of honeypots (open-source, Attivo Networks, Zscaler) Top 2
• Analyzing logs from honeypots Top 3
• Honeytokens (Active Directory fake users)

Oferujemy

Essential Duties and Responsibilities:

• Perform research and analysis of attacker techniques and methodologies and emulate those attacks in a collaborative and controlled environment.
• Identify security breaches through ‘Hunting’ operations within a SIEM, EDR, and other tools and security intelligence.
• Identify patterns consistent with sophisticated attacker methodologies, and report on security concerns as they are escalated or identified.
• Analyze artifacts collected during a security test or passive investigation.
• Communicate with server owners, system custodians, and IT contacts to pursue security testing activities, including obtaining access to systems, digital artifact collection, and containment and/or remediation actions.
• Create presentations in MS Word, PowerPoint, and/or Excel that support findings.
• Maintain, manage, improve, and update security testing process and protocol documentation.
• Assist in analyzing findings and develop fact-based reports.
• Identify means to disrupt attacker actions and enhance defender response capabilities.
• The role requires mentoring, collaboration, and training of more junior associates.
• Ability to explain complex technical problems to business representatives
• Ability to focus on business priorities and deliver tangible results
• Smart approach to technology, automation, tools – ability to prioritize and focus on business objectives to be achieved instead of focusing on solving complex, technical problems which may not always lead to achieving business benefits.

Źródło: Eurofins/Praca

Aplikuj