Security Operation Centre (SOC) - 1900008F

10/09/2019: "Security Operation Centre (SOC) - 1900008F" - Protected categories

Posting reserved for people belonging to the protected categories - Law 68/99.

CITY: Mogliano Veneto

Generali is a major player in the global insurance industry – a strategic and highly important sector for the growth, development and welfare of modern societies.
Over almost 200 years, we have built a multinational Group that is present in more than 60 countries, with 470 companies and nearly 80,000 employees. Our Group aims to become the standard bearer and industry leader in the European retail insurance market, building on our existing base of 50 million retail clients, out of an overall total of 72 million.

GSS provides shared services to the Group companies, with its Head Office in Italy, branches in 5 European countries and a total staff of about 1,000 people.

Within the Chief Security Office Division, we are looking for a Security Operation Centre Specialist, who will perform the following activities:
* Develop and support central SIEM infrastructure deployed across company sites
* Perform log source integration and management, providing analysis and trending of security log data from a large number of heterogeneous security devices
* Provide Incident Response (IR) support when analysis confirms an actionable incident
* Investigate, document, and report on information security issues and emerging trends
* Act upon threat intelligence provided by the Cyber Threat Intelligence function
* Respond to Information Security related queries
* Mentor and train junior analysts to enhance the overall technical skill-set of the SOC, establish analytic discipline and critical thinking, and promote greater curiosity – thinking "outside the box"
* Investigate IOCs provided by Cyber Threat Intelligence or the Cyber Hunter function
* Support incident handling across multiple functions: detection and identification, incident triage
* Actively support the projects' mission by providing solutions, skills and experience
* Provide support during internal and external audit activities
* Integrate and share information with other analysts and other teams
* Actively interact with the SOC Level 1 team and the CERT team on a daily basis, providing support to improve the quality of the services

SIEM administration and optimisation activities:
* Expand, tune, and enhance SIEM rule-sets to identify security incidents and reduce false positives
* SIEM maturity assessment
* Support in on-boarding activities of new customers or company branch offices
* Support architecture changes and design reviews
* Develop custom parsers
* Develop and maintain custom reports
* Develop and maintain a Use case factory

The ideal candidate will meet the following requirements:
* Strong expertise and experience in enterprise Cyber Security environments and Security Operation Centres
* Advanced knowledge of an enterprise SIEM platform (IBM QRadar preferred)
* Working in an 8x5 Security Operation Center (SOC L2) environment

Working hours: Full time

This posting is addressed to both sexes, in accordance with current legislation on gender discrimination.

Required characteristics
Functional area: IT - TLC - Internet - Software

Experience in functional area
Minimum years of experience in the sector: More than 5

  • Insurance

Region of residence
Region: Veneto

Educational qualification
Educational qualification: Bachelor's degree (laurea breve)

IT skills
  • Excel
