Security Operation Center Analyst / NEWPUSH EUROPE KFT

Security Operation Center Analyst

NewPush was formed in 1999 in Denver, Colorado with the vision of providing high reliability and low price hosting. Our services include IaaS (Infrastructure as a Service), PaaS (Platform as a Service) and SaaS (Software as a Service). Our clients include different size commercial companies ranging from startups to enterprises as well as public sector clients. We focus on reliability, quality, price, integrity and ease of doing business. Given our customers’ needs to host data within their geographies, we provide our own data center hosting capabilities within the US and European Community, and through IBM SoftLayer data-centers throughout the world.

Task:

To inform about the cyber threats and make improvements in the organization to protect it from any malicious attack. Review incident notifications, then run vulnerability assessments and report their findings to their seniors.

  • Monitor the security access and report probable cyberattacks to a superior employee in the company
  • Perform risk analysis and security operations to find any vulnerability that can have an impact on the company
  • Find security breaches, along with their root cause
  • Create reports that will allow experts to make changes in the security policies as per the needs of the organization
  • Come up with improvement strategies for better company security
  • Update the company’s security systems regularly to avoid any cyberattack
  • Perform security audits

Expectation:

  • You need to be able to defend the network. It will allow you to monitor, discover, and analyze any possible threats through the Internet that can disturb the network. 
  • You should have the skills to keep the network traffic in check and respond to any skeptical activities.
  • Need to have the required knowledge to find probable threats and report the vulnerabilities so that the company stays protected from attacks. 
  • Need to have an understanding of penetration testing to test systems, networks, web applications, and more and find vulnerabilities.
  • You must have the skills to manage various effects of breaches to reduce their impact and suggest changes in the security controls to prevent the company from any future security breaches.
  • You should be familiar with computer forensics to successfully prevent any form of cybercrime in the organization. 
  •  Furthermore, you need to collect, analyze, and report security data. Besides, you must also find and analyze evidence to prevent any future possible security breaches.
  • You need to be able to understand and read the performance of a given software program such that you will be capable of patching a bug.

What we offer:

A security operations center (SOC) analyst is a cybersecurity staff member who is responsible for monitoring and fighting threats to an organization's IT infrastructure. He or she is in charge of assessing security systems, identifying and patching vulnerabilities, and improving cyber resilience.

How to apply/ contact information:

https://www.profession.hu/allas/1710357

Comments

You need to be able to defend the network.

the company stays protected from attacks

prevent any form of cybercrime in the organization

LOL

It seems the advertiser isn't really clear on what a SOC Analyst actually does - or the SOC in general, for that matter.

Certainly not the things quoted.

What's more, the outlined expectations and tasks are riddled with logical pitfalls and reveal serious conceptual confusion:

Monitor the security access and report probable cyberattacks to a superior employee in the company

This is an L1 role, but the "superior employee" part is interesting :)

Create reports that will allow experts to make changes in the security policies

So they are not the expert; they just produce reports for them...

By contrast, not even a hacker, pentester or threat hunter, or even an oracle, could meet the expectations, because most of them are detached from reality.

I especially like this one:

You should be familiar with computer forensics to successfully prevent any form of cybercrime in the organization.

Where, according to them, "computer forensics" is an activity that prevents cybercrime :)

or:

You need to be able to understand and read the performance of a given software program such that you will be capable of patching a bug.

So they should fix the problems they find right away, too? :)

In contrast to all this, in reality a SOC Analyst at best only investigates events that have already happened, and most of the time even then only those for which someone else has already provided some lead ;) In no case do they patch holes or eliminate cybercrime. Nor are they ever able to defend the network...

But then they top it off with this:

He or she is in charge of assessing security systems, identifying and patching vulnerabilities, and improving cyber resilience

The one responsible for all of this is the CISO - or a MANAGER working in a similar role, but certainly not the poor Analyst.

In my opinion.