蒙城汇

Title: Annual salary $50k+! Well-known ICT company SITA is hiring a full-time Team Lead, Service Operations; tech experts, take a look!

Author: 蒙特利尔求职招聘    Posted: 2019-6-25 09:55

●  Hiring company: SITA

●  Company profile: Through the world's most extensive network, we deliver and manage complex business solutions for air transport, global distribution system and government customers. Our unique industry knowledge comes from our understanding of customer problems across geographies, languages and cultures. We work with industry bodies to provide a broad range of communications and IT services to the air transport industry (ATI).
●  Position: Team Lead, Service Operations
●  Employment type: Full-time
●  Salary: $50,000+
●  Application link: https://sita.taleo.net/careersection/3/jobdetail.ftl?job=29419&tz=GMT-05:00&tzname=America/Chicago

●  Responsibilities:
  • Monitoring security log sources and alerts from the SIEM and other threat detection systems for threat activity. Interpreting, analyzing and making recommendations for resolution.
  • Hunting potential internal and external threats and developing detection mechanisms and reports.
  • Handling security incidents in line with the incident response processes.
  • Assuring prompt and adequate follow-up on priority action items with resolver groups.
  • Producing security incident reports and recommendations.
  • Following, maintaining and helping in the evolution of the SOC processes and procedures, including use cases, SOPs, etc.
  • Working with resolver groups to evaluate and recommend new security practices and solutions.
  • Providing security advice and promoting security awareness to other IT teams and clients.
  • Working actively on evolving our threat detection and team efficiency by acting on noise and false positives.
  • Helping in the production of threat intelligence and IoCs by leveraging threat information from past incidents, sandbox reports, malware reversing and data forensics.
●  Requirements:
  • Significant experience working within a mature SOC organization or as a security threat analyst in an equivalent security environment.
  • Experience in leading SOC technical resources.
  • Strong experience with SIEM technologies, endpoint protection, IDS and other security technologies (preferably the Elasticsearch / ELK solution stack).
  • High level of analytical and problem-solving skills.
  • Experience in information technology on Windows servers, Linux or networks.
  • Excellent understanding of system and application logs from a variety of platforms, from firewalls and domain controllers to IDS, etc.
  • Technical expertise in multiple security technologies is a must, as is extensive security incident handling experience.
  • Good knowledge of threat intelligence data, IoCs, threat actors, the kill chain, STIX/TAXII, etc.
  • Experience in the pen testing / ethical hacking field is a plus.
  • Functional skills with regex, IDS signatures, SPL and SQL are a plus.
  • Skills in network analysis, sandboxing, malware reversing or forensics are an asset.
  • Experience with IT compliance assessments (ISO 27k, etc.).
  • Proven knowledge of SIEMs and log collection systems (McAfee, ArcSight, Splunk, Elastic, AlienVault, QRadar).


Welcome to 蒙城汇 (https://mengchenghui.com/) Powered by Discuz! X3.4