About this opportunity !
We are now looking for a Senior Security Specialist to Monitor (24x7x365), notify, escalate, investigate and resolve information security events. In this role you will manage Security Automated Operations and Security Technical Authority.
What you will do
Respond after hours (on-call support)
- Coordinate and conduct event collection, log management, event management, and compliance automation
- Respond to day-to-day security change requests security operations
- Conduct security research and intelligence gathering on emerging threats and exploits
- Perform post-mortem analysis on logs, traffic flows, and other activities to identify malicious activity.
- Security analysis (networking devices and operating systems, endpoint analysis, network charges)
- Work with the various Technical Authority teams to respond to and resolve security incidents optimally and quickly.
- Provide Root Cause Analysis for security incidents and outages/impairments security tools...
- Coordinate authentication and access controls, including provisioning, changes, and de-provisioning of user and system accounts, security/access roles, and access permissions to information assets
- Deploy content (policies, signatures, parsers, or rules) for the security infrastructure
- Work with SIEM, IPS/IDS, IAM vendors for application related issues
- Mentor level 1 analyst to improve detection capability within the SOC
- Prepare Use Cases & MOPs on identified scenarios
- Drive continuous process improvements by providing inputs on the current processes and possible improvement opportunities
- Business intelligence reporting based on SOC and customer needs
- Identify and report risks related to security
- Perform periodic reporting and, when applicable, present to management and/or the customer’s security team.
You will bring
4-7 years experience with at least 2 years of experience in IT and 2 years in the security- Knowledge of SIEM tools (such as McAfee ESM, QRadar, ArcSight, Splunk, etc.), scanning tools (Nessus, Qualys, IBM AppScan, etc.), and PAM tools (BeyondTrust, CyberArk, etc.)
- Knowledge of both Linux-based and MS Windows-based system platforms with a deep technical understanding and aptitude for analytical problem-solving
- Understanding of enterprise computing environments, distributed applications, and a good understanding of TCP/IP networks, along with available security controls (technical & process controls) for respective layers
- Participate in the out-of-hours on-call rotation, providing technical support to the business for major and critical incidents
- Good communication skills, English is a must.
Benefits :
25 vacation days/year;- Medical & life insurance;
- Career plan mentoring;
- Referral bonuses for recommending your friends to work at Ericsson;
- Flexible benefits from your favorite brands available on flexible benefits portal;
- Gym subscription (available in flex benefits together with a series of other options);
- Internal learning platform to develop your knowledge, skills, and proficiencies & curated external content - articles, videos, courses, podcasts, and books from external libraries such as Skillsoft, Pluralsight, Big Think, EdX, TED Talks, Khan Academy, YouTube, and the open web itself (learning platform mobile-enabled);
- In case of travel, daily allowance, transport, and accommodation will be paid by the company.
- Part of an active community via Brand Ambassadors, CSR Activities, Sports Teams.
LI-POST
Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we nurture it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team.
Ericsson is proud to be an Equal Opportunity and Affirmative Action employer, learn more.
Primary country and city: Romania (RO) || Romania : Bucharest : Bucharest
Req ID: 718739
