Cyber Security Analyst

CMS CSOC - Cyber Security Analyst
100% REMOTE
B2B via Experis
Rate: 80-100 PLN netto+VAT/h


CMS desires to have a Cyber Security Analyst join its CMS Cyber Security Operations Center (CSOC) as
part of the threat detection and response team. CMS provides tailored security services targeting the
MSSP/EDR market. The CMS CSOC - Cyber Security Analyst will be responsible for providing case triage,
preliminary incident handling, and case investigation capabilities for our customer base.


Responsibilities:

• Perform case triage, gathering additional information as needed to determine if the case
  warrants further investigation
• Gather and provide reliable information regarding investigation and threats related to observed
  activity in written and/or verbal form in case of customer calls or when high priority incidents
  occurs that mandates CSOC to notify customers directly via phone
• Provide follow-up analysis and be communicative with customers via incidents escalated to
  them in case of upcoming questions, actions pending or performed by customers
• Correlate and analyze relevant security event, system log, network information and various
  information from security products
• Follow established processes for case investigation, maintaining proper case documentation and
  communication with customers and teams
• Collaborate with and support other team members in case investigations
• Identify and communicate practical ways that processes could be improved (or even automated)
  or that tools could be enhanced to get the CSOC on target faster and help deliver better results
  for our customers
• Contribute enhancing quality and reducing workload by taking actions on tuning activities such
  as tuning of false-positives, detection disposition enhancements and others
• Vigilantly protect customer data confidentiality and integrity
• Monitor for and report any issues with CSOC platform operations
• Maintain adherence to corporate and CSOC ethics, standards, processes, and procedures
• Contribute to the shift turnover reports to ensure an open information flow between shifts
• Develop and execute a plan for continuous learning with your leaders and/or mentor
• Work with your manager, team leads and senior team members on enhancing quality of case
  investigations by following determined methodologies of incident analysis, taking corrective
  actions on case investigations (if needed) and constantly develop skills and knowledge to meet
  the expectations of CSOC Cyber Security Analyst role and customer needs
• Be prepared to represent CSOC on various presentations and meetings in front of customers,
  partners or other internal or external stakeholders

• Excellent verbal and written communication
• Excellent problem-solving and technical skills
• Knowledge on malware identification, practical experience is a plus
• Fundamental understanding of TCP/IP, core application layer protocols and networking concepts
• Understanding and/or experience with Windows operating systems, Active Directory, and
  command line/PowerShell tools in an enterprise environment
• Understanding and/or experience with Linux/Unix operating systems and command line tools in
  an enterprise environment
• Fundamental knowledge in one or more of the following security technologies: EPP/EDR, Nextgen
  Firewalls, IPS, WAF, Proxy, DNS Security (experience is a plus)
• General understanding of common cyber-attack techniques and vectors
• Fundamental understanding of incident handing procedures in the Detection, Containment, Eradication and Recovery phases of Incident Response
• Knowledge of foundational security principles
• Strong analytical mindset with acute attention to details
• General understanding of modern adversary tactics, techniques and procedures
• Deep passion for cybersecurity and staying up-to-date with current threats, tools and techniques
• Flexibility – Willingness to deal with a high level of ambiguity and change and to pitch in where
  needed; because this is Cyber Security and change is the only constant.
• Scripting or coding skills in languages like JavaScript or Python not required but are a huge plus
• Ability to work as part of a diverse, global team
• Willingness to work flexible shift hours (later afternoon / evening shifts)
   

• Professional experience performing threat detection, threat analysis and cyber-security
  investigations in an enterprise environment is a plus
• Professional experience in the IT security industry is a plus
• A degree in a technical field (Computer Science / Computer Security / Cybersecurity / Computer
  Networking) or equivalent work experience is a plus
• Hold one or more of the following certifications (or currently working on):

• ISC2: SSCP
• EC-Council: CEH
• SANS: GICA, GCIH, GMON, GNFA, GFCA, GCFE
• Cisco: CyberOps Associate, CyberOps Professional

• MultiSport Plus
• Medicover
• Generali life insurance
• E-learning platform
• Paid Referral Program
• 100% Remote work