Monday, March 9, 2020
Express analysis, classification of information security events;
Making decisions on closing standard IS events or escalating them;
Operational development of recommendations for the localization and neutralization of IS incidents;
Operational coordination of the response to information security incidents (interaction with the IT department and business process owners);
Responding to individual IS incidents by means of remote work;
Post-incident activities (retrospective analysis of IS incidents, development of recommendations for their prevention, preparation of reports);
Registration of information on cyber threats and IS incidents;
Development of proposals for improving processes and technologies for monitoring and analyzing information security events.
General knowledge and skills in the field of detection, analysis and response to information security incidents;
Understanding the principles, protocols and technologies for ensuring network security, OS security;
Understanding of modern methods, tools and technologies for conducting attacks, and of current information security threats and defenses;
Knowledge of the basics of network protocols at the CCNA level (OSI model, TCP/IP, VLAN, routing, ACL), experience with network equipment;
Understanding of the operating principles of Firewall, IPS, EDR and Honeypot class solutions, with experience operating them desirable;
Experience in administering the Windows infrastructure, in particular Active Directory;
Experience in the development of analytical reports, technical documentation;
English — Intermediate level;
Experience in SOC, CSIR.
Do you want to work with us? Write!