WHO ARE WE?
It all starts with the mission: NVISO is here to protect European society from potentially devastating cyber attacks! This means we offer cyber security services to private and governmental organizations to help them better prepare for, prevent, detect and respond to cyber security incidents.
All of this is built on four fundamental values that define who we are: We are Proud, We Break Barriers, We Care and No BS!
WHAT WILL YOU DO?
As a SOAR Engineer you will :
-
Work closely with the Security Operations Center (SOC) and Security Engineering teams to improve existing automation and deliver resilient security solutions
-
Assess, design, and improve SOC processes and workflows with a focus on integrating automation through Security Orchestration, Automation and Response (SOAR) tools and technologies
-
Maintain and further develop the existing Automation capabilities
-
Implement new SOC automation and ensure continued compatibility with existing detection and response tools
-
Integrate new logging sources and build playbooks to properly triage and respond to security incidents while reducing the time needed to analyze each event
-
Develop scripts to automate current detection and response workflows
-
Analyze SOC alerts statistics and workflows to reduce false positives and adequately focus engineering efforts
-
Build playbooks to enrich logs and alert results to provide a comprehensive view for SOC analysts
You will be trained on the job in:
Concepts
- SOAR Engineering Design
- Automation Concepts
- Security Operations
- DevOps
- Agile Methodology
Tools
- Cortex XSOAR
- Github
- PyCharm
REQUIREMENTS
- Significant theoretical and practical knowledge in the following areas:
- Unix, Linux, Windows, etc. operating systems
- Well-known networking protocols and services (FTP, HTTP, SSH, SMB, LDAP, etc.)
- Exploits, vulnerabilities, network attacks
- Packet analysis tools (tcpdump, Wireshark, ngrep, etc.)
- Regular expressions
- Database structures and queries
- Strong written and verbal communication skills
- Attention to detail and great organizational skills
- Python scripting
WHAT DO WE OFFER?
At NVISO, we care. We are committed to offering you a highly competitive remuneration package including financial and non-financial components:
- Working and learning from the best people in the European cyber security industry. We have multiple SANS Instructors working at NVISO, our staff has presented at popular hacking conferences (BlackHat, BruCON, OWASP, etc) and all of our technical staff can acquire deep technical security certifications (GSE, GXPN, GREM, GCFA, OSCP, etc)
- A very attractive training budget, with great flexibility for choosing trainings as long as they contribute to your personal development;
- An entrepreneurial and agile company, where you will be stimulated and supported in driving new initiatives (either through internal innovation or by improving our service offering), without losing sight of having fun!
- Regular team-building and fun events with legendary off-site events once a year. The location of the next team building is one of the most closely guarded secrets at NVISO… We can however disclose that we’ve visited Lisbon, Dubai and Malta over the past few years
- Flexible working hours and home office possibilities
- Flex Reward Plan
- 32 holidays