ESET, a global leader in digital security, is looking for a Cybersecurity Monitoring Engineer for its Milan office
ESET develops software solutions that deliver instant, comprehensive protection against evolving computer security threats. We pioneered and continue to lead the industry in proactive threat detection. ESET is a global digital security company, protecting millions of customers and thousands of companies worldwide. 30+ years of award-winning technology.
Sold in more than 200 countries and territories, ESET has global headquarters in Bratislava, Slovakia.
Position represents a skilled security monitoring specialist in the area of IT security with experience as a SOC analyst. Position requires understanding of security architecture across platforms and experience with solving security/malware incidents.
Employee demonstrates very high reliability and full autonomy in security ticket processing as well as threat monitoring and hunting on level L2. Employee provides technical guidance on security/malware related questions to Technical and Security Support Engineers and junior colleagues in accordance with instructions of manager.
High adaptability is expected as well as an awareness of own limitations. Employee should be focused mostly on developing own skills, deepening his knowledge of supported products and keeping up to date on trends in the IT security field, new tools and products of ESET. Employee comes up with innovative ideas and solutions to problems, as well as with proposals for optimization of existing processes and systems and suggestions to implement new tools and technologies.
Responsibilities and Duties
- Become familiar with all supported ESET business products (including ESET Inspect) and their inner workings (mainly configuration, detection, blocking, protection layers, cleaning-oriented features, etc.) as well as ESET security services offering, get in touch with ESET business products before their release
- With support of the employer, persistently look for education opportunities in the field of IT security and undergo advanced IT security trainings
- Perform security optimization of the threat monitoring system in the assigned environments
- Perform security monitoring and hunting services for assigned customers or environments
- Perform basic analysis of security threats and evaluation of the data about potential threats
- Prepare reports and communicate incidents to the customer
- Provide consultations to the customer and offer cyber security recommendations
- Transform the knowledge of new threats, attacks and experience from monitoring services into proposals to improve ESET business products and services
- Respond to and solve basic and advanced security support related tickets in accordance with the defined procedures and if needed assist L3 to solve the ticket in question
- Schedule and work on remote sessions with customers
- Adhere to defined processes and communication standards while providing support to customers
- Prepare testing environments; reproduce reported issues and cooperate with ESET HQ while searching for solutions
- Provide on-site/remote installation for selected customers
- Bachelor's IT degree or an equivalent qualification with relevant professional experience
- 2+ years of experience in IT Security and experience as a SOC analyst
- Expertise in specific areas of security like Ethical Hacking, Network Security is an advantage
- The position requires hands-on experience with endpoint protection security products, EDR systems, an understanding of cross-platform security architecture, and solution experience. If specific experience is lacking, the employee must show a willingness to learn.
- Experience with tools for communication with customer and its environment (ticketing system, remote access, etc.)
- Advanced understanding of malware: attack vectors (malicious links, email attachments, downloads, drive-by, exploits, open RDP, social engineering, etc.)
- Advanced understanding of malware: threat types (phishing, ransomware, financially motivated malware, spyware, backdoor, botnet, etc.)
- Advanced understanding of malware detection: false negative and false positive
- Advanced understanding of cyber-attacks anatomy and ability to identify such attacks
- Advanced understanding of security hygiene concepts
- Advanced understanding of the concept of IOCs, files, file types, file hashes, URLs, domains, IPs
- Advanced understanding of computer security incident handling
- Advanced understanding of networking (IP address, port, protocol, MAC address, etc.)
- Ability to keep up with trends and new developments in cyber security field (e.g. new types of attacks, new protection measures in business products etc.)
- Ability to analyze an issue reported by a customer and provide a solution based on previous experience or known/defined procedures or tutorials
- Ability to reproduce problems in a controlled environment and do basic root cause analysis
- Experience with forensic tools (data collection)
- Ability to perform basic forensic analysis based on previous experience or known/defined procedures or tutorials
- Ability to perform basic DFIR assistance based on previous experience or known/defined procedures or tutorials
- Experience as a SOC analyst or with security monitoring of a computer environment, analysis of suspicious behaviour and evaluating outputs from systems for security monitoring (EDR, SIEM, etc.)
- In-depth knowledge of the security software industry and ESET competitors
- Complete ESET products knowledge
- Expertise in specific areas of security, such as ethical hacking, network security, etc.
- Microsoft: Exam 98-349: Windows Operating System Fundamentals
- Microsoft: Exam 98-366: Networking fundamentals
- Microsoft: Exam 98-367: Security Fundamentals
- SANS: FOR308: Digital Forensics Essentials
- SANS: SEC450: Blue Team Fundamentals: Security Operations and Analysis
- SANS: FOR498: Battlefield Forensics & Data Acquisition
- SANS: FOR500: Windows Forensic Analysis | GCFE
- SANS: SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling | GCIH
- SANS: FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics | GCFA
- English (B2)
- Italian (C1)
- Polite and helpful personality
- Customer-oriented communication
- Proven verbal and written communication skills