Cybersecurity Analyst

Undelucram.ro on behalf of:

BOOKING HOLDINGS ROMANIA SRL

Booking Holdings Romania is a Center of Excellence based in Bucharest, Romania and was created to support the increasing business demands of the Booking Holdings Brands. The Center of Excellence provides access to specialized and highly skilled talent, leading industry best practices, and collaboration opportunities across all of our Brands.

As part of our Booking Holdings Romania team, you will have the opportunity to be a part of the world’s leading provider of online travel, with a mission of making it easier for everyone to experience the world through five-primary consumer facing brands: Booking.com, Priceline, Agoda, KAYAK and OpenTable.

Role Description

The 24/7 Cyber Security Triaging and Monitoring Team is our front line of cyber defense, detecting and responding to cyber attacks in real time, using state-of-the-art technology, processes and procedures.

This role provides a hybrid way of working with an onsite presence of 2 days/week.

Key Job Responsibilities And Duties

• Responsible for triaging and investigating cybersecurity alerts raised by a wide variety of security tools like: SOAR, EDR, XDR, SIEM, Sandbox, Cloud security and Email Security
• Perform end-to-end analysis on potential malicious alerts raised by our multitude of internal tools or reported by the employees
• Report to the 24/7 Cyber Defense Operations & Response Leadership and be willing to work on a 24/7 shift structure (night and weekend shifts as well)
• Collaborate with other CDR stakeholders during the 6 phases of cybersecurity incident: Preparation, Identification, Containment, Eradication, Recovery and Lessons Learned
• Reach out to users or stakeholders to obtain additional information that can help in the assessment of the impact of an incident
• Escalate to higher TIER upon need or based on our sophisticated playbooks & SOPs
• Perform IOC Sweeps and Threat Hunting.
• Improve and maintain playbooks, SOPs and other internal documentation.
• Provide guidance and assistance to the new analysts
• Contribute to the team’s efficiency by identifying new opportunities for
• detections fine tuning, automations, enrichments and playbook improvements
  
  

Role Qualifications And Requirements

• 1-3 years of hands-on operational security experience in a 24x7 SOC environment
• Relevant Cybersecurity certifications, such as CompTIA Security+, CySA+, Blue Team lvl 1, GCIH, GCIA, HackTheBox & LetsDefend trainings and similar)
• Experience working independently to detect, handle, investigate and effectively respond to cybersecurity alerts by following IR playbooks and procedures
• Previous experience in Phishing and Malware cases investigation
• Ability to assess security alerts quickly and increase or decrease the severity based on the outcome of the initial investigation
• Hands-on experience with enterprise security tools
• Experience in working closely with playbooks, SOPs and other technical documentation,
• Robust understanding of IT fundamentals and general cybersecurity concepts
• Good interpersonal and communication skills
• Willingness to work in a 24/7 shift structure
• Highly disciplined and motivated: a self- starter who is able to both work independently and as a member of the team
• Inherently suspicious/skeptical (in a good way) regarding alerts and avoids confirmation bias towards false positives
• Constantly demonstrates ownership and proactiveness in seeking to improve and optimize in anything related to their and their team’s work.
  
  

Benefits & Perks

• Contributing to a high scale, complex, world renowned product and seeing real-time impact of your work on millions of travelers worldwide
• Working in a fast-paced and performance driven culture
• Technical, behavioral and interpersonal competence advancement via on-the-job opportunities, experimental projects, hackathons, conferences and active community participation
• Competitive compensation and benefits package
• Vast amounts of data to validate your ideas and the opportunity to experiment with real users
  
  

Booking Holdings is proud to be an equal opportunity workplace and is an affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. We strive to move well beyond traditional equal opportunity and work to create an environment that allows everyone to thrive.

Pre-Employment Screening

If your application is successful, your personal data may be used for a pre-employment screening check by a third party as permitted by applicable law. Depending on the vacancy and applicable law, a pre-employment screening may include employment history, education and other information (such as media information) that may be necessary for determining your qualifications and suitability for the position.