年薪5w+！知名信息通讯业者SITA招聘全职团队领导服务运营人员，技术大神们快看过来！

●  招聘公司：SITA

●  公司简介：我们通过全球最广泛的网络，为航空运输、全球分销系统和政府客户提供和管理复杂的业务解决方案。我们独特的行业知识源于我们对跨地域、语言和文化的客户问题的理解。我们与业界机构合作，为航空运输业(ATI)提供广泛的通讯及资讯科技服务。

●  招聘职位：团队领导服务运营

●  职位性质：全职

●  职位薪酬：$50,000+

●  申请链接：https://sita.taleo.net/careersection/3/jobdetail.ftl?job=29419&tz=GMT-05:00&tzname=America/Chicago

●  工作内容：

• 监控来自SIEM和其他威胁检测系统的威胁活动的安全日志源和警报。解释、分析并提出解决问题的建议。
• 寻找潜在的内部和外部威胁，开发检测机制和报告。
• 按照事件响应流程处理安全事件。
• 确保与解决方案组就优先行动项目进行及时和充分的后续行动。
• 制作保安事故报告及建议。
• 跟踪、维护和帮助SOC过程和程序的发展，包括用例、SOP等。
• 与解决方案组一起评估和推荐新的安全实践和解决方案。
• 为其他资讯科技团队及客户提供保安意见及提升保安意识。
• 通过对噪音和假阳性采取行动，积极改进我们的威胁检测和团队效率。
• 通过利用来自过去事件、沙箱报告、恶意软件逆转和数据取证的威胁信息，帮助生产威胁情报和IoC。
  

●  Responsibilities：

• Monitoring security logs sources and alerts from the SIEM and other threat detection systems for threats activity. Interpreting, analyzing and making recommendations for resolution.
• Hunting potential internal and external threats and developing detection mechanisms and reports.
• Handling security incidents in line with the incident response processes.
• Assuring the prompt and adequate follow-up on priority action items with resolver groups.
• Producing security incidents reports and recommendations.
• Following, maintaining and helping in the evolution of the SOC processes and procedures, including use case, SOP, etc.
• Working with resolver groups to evaluate and recommend new security practices and solutions.
• Providing security advices and promoting security awareness to other IT teams and clients.
• Working actively on evolving our threats detection and team efficiency by acting on noise and false positive.
• Helping in the production of threat intelligence and IoC by leveraging threats information from past incidents, sandboxes reports, malware reversing and data forensic.
  

●  职位要求：

• 有领导SOC技术资源的经验。
• 丰富的SIEM技术、端点保护、id和其他安全技术经验；
• 良好的分析和解决问题的能力；
• 具备Windows服务器、Linux或网络方面的信息技术经验；
• 对各种平台(从防火墙、域控制器到IDS等)的系统和应用程序日志有良好的理解；
• 必须具备多种安全技术的专业知识，以及丰富的安全事件处理经验；
• 熟悉威胁情报数据、IoC、威胁行动者、kill chain、Stix/Taxii等；
• 具备regex、IDS签名、SPL和SQL等函数技能者优先；
• 具备网络分析、沙箱、恶意软件逆转或取证方面的技能；
• 具有IT遵从性评估的经验(Iso27k等)；
• 熟悉SIEMs和日志收集系统(McAfee, Arcsight, Splunk, Elastic, AlienVault, QRadar)。
  

●  Requirements：

• Significant experience working within a mature SOC organization or as a security threat analyst in an equivalent security environment.
• Experience in Leading SOC technical resources.
• Strong experience of SIEM technologies, endpoint protection, IDS and other security technologies (preferable Elastic Search / ELK solution stack)
• High level of analytical and problem-solving skills.
• Experience in information technology in Windows servers, Linux or network.
• Excellent understanding of system, and application logs from a variety of platforms, from firewall, domain controllers to IDS, etc.
• Technical expertise in multiple security technologies is a must, as is extensive security incident handling experience.
• Good knowledge of threat intelligence data, IoC, threat actors, kill chain, Stix/Taxii, etc.
• Having experience in the pen testing/ethical hacker field is a plus.
• Functional skills with regex, IDS signature, SPL and SQL is a plus.
• Skills in network analysis, sandboxing, malware reversing or forensic is an asset.
• Experience with IT compliance assessments (Iso27k etc.).
• Proven knowledge of SIEMs & log collection systems (McAfee, Arcsight, Splunk, Elastic, AlienVault, QRadar)
  

扫描下方二维码获取更多招聘信息

招聘资讯联系小编发布