IT Security Senior Advisor - Dell Secureworks - Bucharest, Romania
Bucharest, RomaniaJob ID R047287 Date posted Dec. 03, 2019
IT Security Senior Advisor - Dell Secureworks - Bucharest, Romania
Secureworks (SCWX-NASDAQ) is a global leader in intelligence-driven information security solutions. We help organizations confidently pursue business goals in a digitally-connected world. Consistently recognized by industry analysts and readers’ polls, we are one of the best in the world at understanding and anticipating threat behavior. We see 250 billion events every day across 4400 clients in more than 55 countries, and our solutions work across all the layers of a client’s security environment, including 330 different vendor technologies. Join a talented, dedicated, and diverse team of researchers, analysts, engineers, consultants and business professionals who are focused 100% on protecting our clients from cyber threats. We seek out the brightest minds and empower our teams with the tools and support they need to fight the bad guys and maintain our company’s leadership in the cyber security industry.
Uniquely positioned to adapt as the industry evolves, we are also proud to be part of the Dell Technologies family. We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.
The successful candidate must be a strong leader in the security field with proven technical skills and experience researching, validating and responding to advanced threat actors. In this role, the candidate will make use of all available data sources, security tools, and threat trends and combining security monitoring and analysis techniques will identify attacks against the organizations.
This role will function as a Incident Response Consultant. You will receive investigations and respond to activity within the clients environment detected by SecureWorks Managed Security Services.
In this position you will own/ contribute to the investigation of high incidents, performing root cause investigations, determining the source of the threat, the extent to which client assets have been compromised, making recommendations for remediation, and assisting in the implementation.
- Develop, implement, and execute standard procedures for the administration, content management, change management, version/patch management, and incident lifecycle management
- Prepare operational governance reports and present them to the business stakeholders and client representatives
- Develop and review team training plans and facilitate career development for engineers of all seniority levels
- Perform an advanced analysis of threat actors’ intrusion artifacts and using discovered data to enable mitigation actions of incidents within the network
- Utilize in-depth technical knowledge to design complex detection procedures for the detection of threat actor’s behavior
- Work as an internal subject matter expert for other departments, including internal teams
- 5+years of Information Technology experience with network technologies (CCNA, JNCIA certificationare desirable)
- Experience around the SIEM processes, monitoring & collecting, escalation strategies, data source normalization, event reduction, threshold tuning, alert triggers, threat Intelligence, threat modeling, triage
- Experience with reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, intrusion detection systems, system logs)
- Solid and demonstrable comprehension of Information Security including malware, emerging threats, attacks, and vulnerability management
- Understanding of typical threat actor profiles, the typical indicators associated with these profiles, and be able to develop innovative techniques to detect malicious activity
- Knowledge of tactics, techniques, and procedures associated with malicious activity
- Able to correlate and aggregate information from all available data sources, security tools, and threat trends to identify attacks against the client network
- Knowledge of forensic tools to identify anomalous and potentially malicious behavior
- Able to perform network traffic analysis and design use cases based on the findings
Skills & Competencies
- Performing analysis of security and infrastructure logs
- Researching targeted threat groups and their tactics, techniques and procedures (TTP)
- Programming with Python, C, C++, IA32/64 Assembly
- Experience developing tools for malicious code analysis, network traffic analysis and the detection of malicious code on endpoint systems is a strong plus
- Performing vulnerability and exploit research and analysis
- Strong understanding of computer architecture and operating systems concepts
- Thorough knowledge of information security components, principles, practices, and procedures
- Thorough understanding of computer network exploitation (CNE) and computer network defense (CND) concepts
- BA/BS in engineering/computer science or acceptable combination of education and experience required. Masters, PhD or other advanced degree preferred
Why work with us?
Life at Secureworks means collaborating with dedicated professionals with a passion for technology. When we see something that could be improved, we get to work inventing the solution. Our people demonstrate our winning culture through positive and meaningful relationships. We invest in our people and offer a series of programs that enables them to pursue a career that fulfills their potential. Our team members’ health and wellness is our priority as well as rewarding them for their hard work. Our Bucharest office is vital to Secureworks. It serves as our core Security Centre of Excellence hub for EMEA. It’s a large, modern, open plan space conveniently located in AFI Business Park, which is a short walk to the AFI Palace Cotroceni Mall. Our team have access to complimentary fresh coffee and fruit or they can take a break in the games or break out area.
Secureworks, a Dell Technologies company, is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Secureworks are based on business needs, job requirements and individual qualifications, without regard to race, colour, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Secureworks will not tolerate discrimination or harassment based on any of these characteristics.