Security Operation Centre (SOC) - 1900008F

26/06/2019: "Security Operation Centre (SOC) - 1900008F" - Protected categories

Job posting reserved for persons belonging to protected categories - Law 68/99.

GSS provides shared services to the Group companies, with its Head Office in Italy, branches in 5 European countries, and a total staff of about 1.000 people.

Within the Chief Security Office Division, we are looking for a Security Operation Centre Specialist, who will perform the following activities:
* Develop and support central SIEM infrastructure deployed across company sites
* Perform log source integration and management, providing analysis and trending of security log data from a large number of heterogeneous security devices
* Provide Incident Response (IR) support when analysis confirms an actionable incident
* Investigate, document, and report on information security issues and emerging trends
* Act upon threat intelligence provided by the Cyber Threat Intelligence function
* Respond to Information Security related queries
* Mentor and train junior analysts to enhance the overall technical skill-set of the SOC, establish analytic discipline and critical thinking, and promote greater curiosity – thinking "outside the box"
* Investigate IOCs provided by Cyber Threat Intelligence or the Cyber Hunter function
* Support incident handling, encompassing multiple functions: detection and identification, incident triage
* Actively support the projects' mission by providing solutions, skills and experience
* Provide support during internal and external audit activities
* Integrate and share information with other analysts and other teams
* Actively interact with the SOC Level 1 team and the CERT team on a daily basis, providing support and improving the quality of the services

SIEM administration and optimisation activities:
* Expand, tune, and enhance SIEM rule-sets to identify security incidents and reduce false positives
* SIEM maturity assessment
* Support in on-boarding activities of new customers or company branch offices
* Support architecture changes and design reviews
* Develop custom parsers
* Develop and maintain custom reports
* Develop and maintain a Use case factory

The ideal candidate will meet the following requirements:
* Strong expertise and experience in enterprise Cyber Security environments and Security Operation Centres
* Advanced knowledge of an Enterprise SIEM platform (IBM QRadar preferred)
* Working in an 8x5 Security Operation Center (SOC L2) environment.

Working hours: Full time

This posting is addressed to both sexes, in accordance with current legislation on gender discrimination.

Required characteristics
Functional area
Functional area: IT - TLC - Internet - Software - Role: Other: IT - TLC - Internet - Software

Experience in functional area
Minimum years of experience in the sector: More than 5

  • Insurance

Region of residence
Search area:
Region: Veneto - Province: Treviso

Education
Education: Three-year degree (Laurea breve)

IT skills
  • Excel
