Company (organization): VTB Capital, city (locality): Moscow, Russia
Industry: "Information technology, internet, telecom" → "Banking software"
Salary: negotiable
Vacancy No. 5071534 was added to the database of the site Work in Moscow and the Moscow Region (MO, Podmoskovye) on Wednesday, 25 September 2024.
Vacancy No. 5071534 was last updated on the site Work in Moscow and the Moscow Region (MO, Podmoskovye) on Friday, 27 September 2024.
Required work experience:
3–6 years
Employment type:
full-time
Work schedule:
full day
Additional information about the vacancy: Security Operation Centre’s Engineer
Job description
- Continuous event monitoring and incidents registration according to the Bank’s KRIs
- Security incidents handling (including escalation procedure creation and maintenance along with SLA for reaction)
- Conducting security incidents investigation (including retrospective analysis)
- Proactive detection of anomalous activity in the infrastructure of VTB Capital
- Incidents analysis and response
- Incidents analysis
- Incident response procedures coordination & continuous improvement
- Initial countermeasures introduction and their proper implementation into the infrastructure
- Tracking and monitoring suspicious activity and perpetrators
- Participating in KRI database maintenance procedures
- Carrying out periodic tests / exercises on the response and investigation of security incidents at different levels, involving the entire escalation chain
- Forming the program and periodically carrying out activities to raise awareness of VTB Capital employees about information security threats
- Monitoring security tools for vulnerabilities and potential attack vectors as well as 1st & 2nd line support & periodic operational checks of Bank’s security tools
- Manage security incidents in interaction with other support functions, internal audit, IT Security and the GISO function
- Integration of new security tools with SOC infrastructure and incorporating them into basic infrastructure processes
Requirements
Mandatory:
- 2+ years of working experience on the same functional level
- Working knowledge / hands-on experience working within and supporting a Corporate Security Operations Center (SOC) environment
- Good understanding of SIEM technology, logging, data analytics, cloud, and virtualization
- Experience with Splunk
- Understanding of application, system and network exploitation or enumeration techniques in use today, including injection, privilege escalation, buffer overflows, fuzzing and scanning
- Familiarity with one or more scripting languages, e.g. Perl, Python, Bash, PowerShell or shell scripting
- Understanding of networking topologies, protocol usage, and enterprise hardware including switches, routers, firewalls and their roles in security
- Knowledge of access control methodologies, network / host intrusion detection, vulnerability management tools, patch management tools, penetration testing tools, and AV solutions
- Experience in administering Unix and Windows operating systems.
- Experience working with data in the formats Syslog, XML, JSON, with relational DBMS
- Experience in designing, implementing and supporting security tools
- Good oral and written communication skills
- Ability to read, write and speak in English (intermediate+ level)
Desired:
- Experience in SOC function for Financial companies (IB, Banks, Insurance)