WHO ARE WE?
It all starts with the mission: NVISO is here to protect European society from potentially devastating cyber attacks! This means we offer cyber security services to private and governmental organizations to help them better prepare for, prevent, detect and respond to cyber security incidents.
All of this is built on four fundamental values that define who we are: We are Proud, We Break Barriers, We Care and No BS!
WHAT WILL YOU DO?
As a SOC analyst fulltime onsite at the client, your daily activities will include but are not limited to:
- Work cross functionally to drive security related projects
- Participate in incident management calls and coordinate response, triage, recovery, and reporting of incidents
- Security process improvement
- Ongoing maintenance and improvements/tuning of the detection rulesets
- Monitor and analyze emerging threats, vulnerabilities and exploits
- Triaging, assessing, and analyzing incidents in phishing and malware
- Continuous monitoring, tuning, hardening and improvement of the existing security rules and policies
- Analyze security data and report on threats and incidents across various platforms and environments
- Experience working in one or more of the following areas: Email Security, Network Security, Intrusion Detection Systems, Threat Intelligence, Threat Detection
- Experience in networking and core internet protocols (TCP/IP, HTTP, SSL) and experience analyzing malicious network traffic
- Strong communications skills with a demonstrated effectiveness in delivering work product to other teams
- Basic understanding of the Security automation (SOAR) principles
- You are familiar with working with multiple stakeholders such as engineering/operations teams, internal business units, external incident response teams throughout the incident lifecycle
- Large scale analysis of log data using tools such as Splunk
- Experience analyzing large data sets for threat hunting
- Experience building detection and response tools
- Experience with host/memory based forensics and detections
- Knowledge of defensive security concepts such as, adversity tactic and technique, MITRE ATT&CK framework, logging etc.
- Keeping existing runbooks up to date and creating new runbooks to improve processes/coverage
- Experience with analyzing network traffic, endpoint indicators, IOCs
- Ability to combine/search/correlate various log sources to
WHAT DO WE OFFER?
At NVISO, we care. We are committed to offering you a highly competitive remuneration package including financial and non-financial components:
- Working and learning from the best people in the European cyber security industry. We have multiple SANS Instructors working at NVISO, our staff has presented at popular hacking conferences (BlackHat, BruCON, OWASP, etc) and all of our technical staff can acquire deep technical security certifications (GSE, GXPN, GREM, GCFA, OSCP, etc)
- A very attractive training budget, with great flexibility for choosing trainings as long as they contribute to your personal development;
- An entrepreneurial and agile company, where you will be stimulated and supported in driving new initiatives (either through internal innovation or by improving our service offering), without losing sight of having fun!
- Regular team-building and fun events with legendary off-site events once a year. The location of the next team building is one of the most closely guarded secrets at NVISO… We can however disclose that we’ve visited Lisbon, Dubai and Malta over the past few years
- Flexible working hours and home office possibilities
- Flex Reward Plan
- 32 holidays