Information Security Sr. Advisor - Dell Secureworks - Bucharest, Romania
Bucharest, RomaniaJob ID R028233 Date posted Aug. 06, 2019
Secureworks (SCWX-NASDAQ) is a global leader in intelligence-driven information security solutions. We help organizations confidently pursue business goals in a digitally-connected world. Consistently recognized by industry analysts and readers’ polls, we are one of the best in the world at understanding and anticipating threat behavior. We see 250 billion events every day across 4400 clients in more than 55 countries, and our solutions work across all the layers of a client’s security environment, including 330 different vendor technologies. Join a talented, dedicated, and diverse team of researchers, analysts, engineers, consultants and business professionals who are focused 100% on protecting our clients from cyber threats. We seek out the brightest minds and empower our teams with the tools and support they need to fight the bad guys and maintain our company’s leadership in the cyber security industry.
Uniquely positioned to adapt as the industry evolves, we are also proud to be part of the Dell Technologies family. We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.
This role will function as a SOC Analyst Team Leader. You will receive alerts and respond to activity within the client's environment detected by SecureWorks Managed Security Services. In this position you will oversee the daily tasks and deliverables handled by InfoSec Team and contribute to the investigation of high alerts, determining the source of the threat, the extent to which client assets have been compromised, making recommendations for remediation, and assisting in the implementation.
- Acting as a subject matter expert in QRadar platform administration, providing also training for the InfoSec team;
- Develop, implement, and execute standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM platform;
- Prepare operational governance reports and present them to the business stakeholders and client representatives;
- Develop and review team training plans and facilitate career development for engineers of all seniority levels;
- Overseeing and performing daily operational 'eyes on glass' real-time monitoring and analysis of security events from multiple sources including but not limited to events from SIEM tools, network and host based IDS, firewall logs, system logs (Unix & Windows), mainframes, midrange, applications and databases.
- 5+ years of Information Technology experience with network technologies (CCNA, JNCIA certification are desirable);
- Experience around SIEM processes, monitoring & collecting, escalation strategies, data source normalization, event reduction, threshold tuning, alert triggers, threat Intelligence, threat modeling, triage;
- Experience with reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, intrusion detection systems, system logs);
- Solid and demonstrable comprehension of Information Security including malware, emerging threats, attacks, and vulnerability management;
- Industry certification from vendors: ISC2, GIAC, EC-Council, Cisco, Juniper, CompTIA, ITIL, Unix, Microsoft, Oracle, etc.;
- Previous experience in adjacent areas such as, Security Operations Center, Network Operations Center, System Administrator, Platform/Tool Support Engineer, IT Helpdesk support;
- Q-Radar platform user or administrator previous experience is highly desirable.
Why work with us?
Life at Secureworks (a Dell Technologies Company) means collaborating with, learning from, and partnering with some of the brightest security professionals in the industry. Our dedicated team members share a passion for technology and for protecting our clients. When we see an opportunity for improvement, we eagerly accept the challenge and are energized by finding a better solution. Our winning culture is brought to life by our team members who proudly demonstrate our Core Values everyday: Clients First, Integrity, Ownership, Respectful Honesty, and Innovation. These values have successfully guided our decisions and actions since our entrepreneurial roots and set the tone for us as we aspire to be the global leader in cybersecurity solutions. We invest in our global team, and offer resources, tools, and programs that empower all of us to learn, grow, and fulfill our potential on a daily basis.
If you are eager to pursue a career in cybersecurity - and not just find a job - consider joining the team that is Collectively Smarter. Together, we help our clients to be Exponentially Safer.
“At the end of the day,
If we can protect our clients,
Nothing else matters.
If we cannot protect our clients,
Nothing else matters.”