Security Monitoring Analyst

Be responsible for performing the security monitoring services for assigned customers / assigned environments. Job description - Be responsible for performing the security monitoring services for assigned customers / assigned environments. - Be responsible for performing the "Early Warning" services on ETI (ESET Threat Intelligence) platform. - Perform optimization (tuning) of the threat monitoring system in the assigned environments. - Be responsible for the analysis of security threats and evaluation of the data about potential threats. - Prepare reports (internal / external) / communicate with the customer about incidents. - Independently cooperate on developing new technologies for monitoring and identifying security breaches. - Cooperate on developing of the security monitoring services and the security threat reporting system (ETI). - Independently consult and make recommendations in the field of cyber security (for a specific external customer, as a part of the support or on the online forum). - Work with malicious code detection systems. - Work with colleagues to conduct in-depth malware analysis. - Educate continuously in relevant areas of cyber security and transfer knowledge to the team members. - Transform the knowledge of new threats into proposals to improve products and services. - Actively cover the assigned service areas, what may include supervising the work of cooperating more junior team members. - Methodically lead more junior team members to train and improve their skills - Design and improve security services processes. - Create instructions for performing security services (Threat Monitoring, Threat Hunting,...). - Perform conceptual, systemic, creative and methodological activities. - Carry out other tasks according to the instructions of the direct manager in accordance with the activities of the department and the company. - Work on Professional services duties and tasks assigned to them by their superior. **Requirements**: - good knowledge of the methods and "anatomy" of attacks on computer infrastructure and the ability to identify such attacks - experience min. 5 years as a SOC security analyst, or an equivalent position (also outside the SOC) where the main full-time job was the operation and evaluation of outputs from the security monitoring systems of a larger company (1000+ PCs) for the purpose of identifying and reporting potential security threats - English language - ability to understand technical text, ability to communicate fluently with the customer, formulate and write complicated technical reports and recommendations - interest in continuing education in the field of computer security - analytical thinking with an eye for detail - patience when processing a lot of data - independence - the ability to communicate with the customer - good knowledge of the Windows operating system, knowledge of system tools - good knowledge of the internal functioning of the Windows system (how things work) - processes, registries, filesystem, services, scheduling,... - good knowledge of computer networks (IP address, port, protocols, MAC address,...) - basic knowledge of scripts: powershell, batch/cmd, vbscript/javascript - a good overview of computer security **Nice to have**: - experience working with SIEM - experience with forensic analysis - certificates in the field of computer security - e.g. CEH - technological certificates - Windows, Unix, networks - experience with Windows OS administration - experience working in the technical support department - willingness to work in shifts (24x7) - the ability to communicate fluently with the customer in English - experience with writing scripts in the Python language - experience with malicious code analysis Job requisition JR-03483 Security Monitoring Analyst (Open) Primary location Milan Additional locations Time type Full time