Expoint - all jobs in one place

מציאת משרת הייטק בחברות הטובות ביותר מעולם לא הייתה קלה יותר

Limitless High-tech career opportunities - Expoint

Dell Incident Response Advisor 
Romania, Bucharest 
685861972

27.06.2024

Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that secures human progress with Secureworks® Taegis™, a SaaS-based, open XDR platform built on 20+ years of real-world threat intelligence and research, improving customers’ ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.

:

  • Review security-related events and assess their risk and validity based on available telemetry from network, endpoint, and global threat intelligence information in order to provide clients with concise, detailed, and well-written incident reports, root causes identification, and remediation recommendations
  • Provide customers with understandable context around their security environment and threats
  • Interface with clients to address their issues, concerns, and questions, and drive to satisfactory closure any issues that impact the service and its value
  • Work with client and internal SecureWorks incident response teams to resolve ongoing intrusions, malware outbreaks, and other security incidents
  • Provide mentorship to SecureWorks team members and clients on security strategy, tactics, techniques, and procedures
  • Use the SecureWorks platform to proactivity hunt for and investigate activity within the client environment
  • Provide support for all other teams involved in the delivery of the service whenever they have questions or requests from clients about specific investigations/alerts/chat/tickets.
  • Provide feedback on flows/processes/tools issues and reported them according to internal processes.


:

  • Ability to write scripts to automate new and existing tasks
  • Strong technical communication skills, both written and verbal
  • Attention to detail and great organizational and time management skills
  • Excellent problem-solving skills that would allow for the ability to diagnose and troubleshoot technical issues
  • Client-focused with a passion for delivering service excellence
  • Strong sense of urgency and ability to work under pressure
  • Possess high standard of integrity and confidentiality


Education and Experience

  • 3-5+ years of relevant experience or equivalent combination of education and work experience:
  • Completion of a Bachelor’s degree or equivalent program in Computer Science, Network Security, Information Security or other applicable field and 3-5 years of work experience in the field

Good experience with and excellent understanding of:

  • Security mechanism build within Operating systems
  • Fundamental Internet protocols, services and technologies (e.g., HTTP/HTTPS, DNS, SMTP, SSH, LDAP, TCP/IP, UDP, ICMP, JSON, REST, etc.)
  • Common security controls (e.g., firewalls, proxies, IDS/IPS, WAF, etc.)

Experience with and strong understanding of:

  • Performing both endpoint and network-based investigations
  • Reviewing logs to identify evidence of past intrusions
  • Pivot off indicators within networks to identify the scope and breadth of attacks
  • Malware and exploit kit functionality
  • Operating system and application exploits
  • Lateral movement, living-off-the-land, and persistence establishment mechanisms
  • Detection of anomalous system activity