INCIDENT HANDLER L2 | L2 TECHNICAL ANALYST | L2 SUPPORT ENGINEER

14/01/2022

Roma

Job description

Techyon is the first head hunter to specialize exclusively in the search and selection of professionals and managers in the Information Technology field. Our Recruitment Engineers select the best IT profiles for prestigious IT consulting firms, banks, service companies, manufacturing groups, start-ups of excellence and digital DNA companies.

About the Company: for an innovative company specialized in the IT Security field, our Recruitment Engineers are looking for an Incident Handler L2.

 

Core Responsibilities:
  • Review incident tickets generated by L1 SOC operators
  • Help L1 SOC operators to determine remediation and recovery actions
  • Monitor SLAs
  • Review changes in network security devices (e.g. FWs, IDS/IPS)
  • Threat investigation and escalation to L3 SOC operators if required
  • Review SIEM use cases
  • Interact and collaborate with NOC operators

Job requirements

Must Have:
  • Knowledge of detection and identification of adversary TTPs (Tactics, Techniques and Procedures; MITRE ATT&CK Framework)
  • Experience and knowledge related to the configuration and maintenance of security monitoring and reporting platforms
  • Knowledge of emerging information security technologies.
  • Programming skills (Python, Golang, PowerShell, Bash)
  • Bachelor's or master's degree with qualifications in computer science, telecommunication engineering and information technology, cyber security, or equivalent education experience
  • Minimum 2 years of experience in the role
  • Fluent English (minimum B2)

 

Nice to have:

Certifications: CEH (Certified Ethical Hacker), CIH (EC-Council Certified Incident Handler), CSA (EC-Council Certified SOC Analyst), CND (EC-Council Computer Network Defender), SANS SEC503 Intrusion Detection In-Depth (GCIA certification), SANS SEC504 Hacker Tools, Techniques, Exploits and Incident Handling (GCIH certification), SANS SEC510 Public Cloud Security: AWS, Azure and GCP (N/A certification), SANS SEC584 Cloud Native Security: Defending Containers and Kubernetes (N/A certification), vendor certifications.

Other info

Location: Roma
