Job content

D-ploy is an IT and Engineering Solutions company with operations throughout the EMEA region including Switzerland, Germany, Czech Republic, Austria, UK, as well as the USA.

We pride ourselves on delivering innovative and superior services and solutions to numerous industry-leading clients. By building relationships and trusted partnerships within the IT community, we optimize our customers' IT productivity and contribute to the organization's success and value.

We are interested in talking to engaging, flexible, and solution-oriented individuals who are looking to become part of a dynamically growing international organization. We are focused on creating value where IT counts. Join us!

Tasks and Responsibilities

  • Be part of the Security Operations Team, identifying threats (through log analysis), responding to cyber incidents (attack attempts, internal policy violations, etc.) and working with other teams on continuous improvement of cyber security capabilities
  • Respond to security incidents and perform digital investigations
  • Analyse, normalize and correlate various log sources to identify abnormal and/or malicious behaviour through our big data SIEM
  • Monitor, respond to and fine-tune alerts generated on our big-data SIEM by security systems (AV, NIDS, HIDS, EDR, etc.)
  • Actively hunt for attackers and search for indicators of compromise left by external attackers or the internal Red Team, and define new detection rules or improve existing ones
  • Define IOCs based on past attacks and external threat intelligence feeds
  • Develop and leverage the Threat Intelligence Platform. Develop Tactical and Operational Intelligence
  • Investigate malware activity and define related IOCs or contextual detection rules. Write and maintain Security Operations playbooks and standard operating procedures
  • Participate in evaluation, implementation, improvement, and troubleshooting of security tools in the portfolio
  • Correlation rules fine tuning
  • Forensic artifact handling & analysis
  • Sensor tuning & maintenance
  • Scripting & automation
  • Incident hunting
  • Threat intelligence
  • Trending

Requirements

  • Proven SIEM background (minimum one year of experience with SIEM tools; knowledge of log sources and correlation rules is a good addition).
  • Experience in one of the following fields: OS administration, networking, Active Directory, Linux, penetration testing, vulnerability management, antivirus software, proxies, incident response
  • IT Security experience:
    • Launch models based on direct distribution to customer for specific brands
    • Support of Distribution Model Change for specific brands
    • New CMO business set-up with external customers for selected production sites
    • New SC model for UK Sales
    • 3 years of experience in Intrusion Detection, DFIR and/or Threat Hunting.
    • Good understanding of TTPs and the ATT&CK Framework.
    • In-depth knowledge of how operating systems operate and how to detect malicious activity.
    • Excellent understanding of network and security protocols, demonstrated ability to detect attacks by analysing network traffic.
    • Experience with Linux and Windows computer forensics and memory analysis.
    • Experience integrating a Threat Intelligence Platform.
    • Programming experience in Python, Shell scripting or other languages
    • Available to work on-call and on occasional overtime (weekends, sale campaigns, etc.).
    • Passionate, curious, eager to learn. Focused, result oriented, positive and constructive.
    • Familiar with Big Data environment and Query languages
    • Log management and SIEM experience
    • Malware analysis and Reverse-engineering experience.
    • MacOS forensics
    • Penetration testing / red-team experience.
    • Relevant security-related certification such as GNFA, GCTI, GREM, OSCP, OSCE, GCIA, GCIH, GCFE, GCFA, GMON, GCUX, GCWN2
    • Good team player and comfortable sharing responsibilities
    • Exceptional communicator with strong interpersonal skills
    • ITIL certification is an advantage
    • Fluency in written and spoken English and French

Benefits

  • Broad range of activities, tasks, and projects
  • Flexible working conditions
  • Minimum 5 weeks of vacation
  • Paid sick days
  • Meal vouchers
  • Vouchers (birthday voucher, wedding and newborn surprise)
  • Contributions to wellness programs (multisport card)
  • Fishing for Friends program – our referral program
  • Refreshments in the D-ploy office
  • Further development and professional advancement
  • Friendly and international working environment
  • Company-sponsored events
  • Competitive salary and various benefits

Is IT in your DNA?

Deadline: 10-05-2024