From the company (organization): VTB Capital, in the city (locality): Moscow, Russia
Economic sector: "Information technology, internet, telecom" → "Banking software"
Salary: negotiable
Vacancy No. 5071536 was added to the database of the site Работа в Москве и Московской области (Jobs in Moscow and the Moscow Region) on Wednesday, 28 August 2024.
Vacancy No. 5071536 was last updated on the site Работа в Москве и Московской области (Jobs in Moscow and the Moscow Region) on Wednesday, 25 September 2024.
Work experience required:
3–6 years
Employment type:
full-time
Work schedule:
full day
Additional details about the vacancy: Security Operation Centre's Lead Analyst
Job description
- Forming and maintaining the rules and procedures for incident investigation and the instructions for responding to incidents
- Continuous event monitoring and incident registration according to the Bank's KRIs (key risk indicators)
- Security incident management and handling, including creating and maintaining the escalation procedure and the SLA for reaction time
- Conducting security incident investigations, including retrospective analysis
- Creating and maintaining the database of trigger security events that require response and investigation
- Internal and external vulnerability scanning and security assessment
- Consulting other divisions of the bank; participating in projects and daily business activities
- Proactive detection of anomalous activity in the infrastructure of VTB Capital
- Participating in KRI database maintenance procedures
- Carrying out periodic tests and exercises on the response to and investigation of security incidents at different levels, involving the entire escalation chain
- Forming the programme for, and periodically carrying out, activities to raise awareness of VTB Capital employees about information security threats
- Managing security incidents in cooperation with other support functions, internal audit, IT Security and the GISO function
- Managing the onboarding of new security tools into the SIEM (Security Information and Event Management) platform
Requirements
Mandatory:
- 3+ years of working experience at the same functional level
- Working knowledge and hands-on experience of working within and supporting a corporate Security Operations Center (SOC) environment
- Experience with SIEM technology, logging, Splunk, data analytics, cloud and virtualization
- Expert knowledge of Splunk
- Deep knowledge of current application, system and network exploitation and enumeration techniques, including injection, privilege escalation, buffer overflows, fuzzing and scanning
- Knowledge of the tactics, techniques and procedures that can be used for reconnaissance, persistence, lateral movement and exfiltration
- Proficiency in one or more scripting languages, e.g. Perl, Python, Bash, PowerShell or other shell scripting
- Solid grasp of network topologies, protocol usage and enterprise hardware (switches, routers, firewalls) and their roles in security
- Knowledge of access control methodologies, network and host intrusion detection, vulnerability management tools, patch management tools, penetration testing tools and AV solutions
- Skills and experience in administering Linux and Windows, their main system services and the TCP/IP protocol stack
- Understanding of the Windows event log journals (Security, Application, etc.)
- Understanding of the architecture and structure of accounts and of the main events associated with accounts and with critical operating system events
- Skills and experience in working with data in formats such as Syslog, XML and JSON, and with relational DBMSs
- A creative forensic mindset
- Ability to identify and evaluate malware-related compromise artefacts
- Demonstrated ability to solve practical problems and deal with a variety of variables in situations where only limited standardization exists
- Ability to perform routine duties with minimal supervision
- Good oral and written communication skills
- Good English (Intermediate+, comfortable with speaking and business writing)
Desired:
- Experience in a SOC function at financial companies (investment banking, banks, insurance)
- Ethical hacking