Full-time | KATARSYS | Switzerland
Posted On 07.05.2021
Security Analyst – Tier 2
100% - Perm contract – Zürich
As a member of the MSS Operations team, the MSS Security Analyst Tier 2 is an experienced Security Analyst who deals with escalated operational cases. He is also deeply involved in the global improvement of the MSS services, on both running services and new service definition/setup. In addition to possessing deep technical and cybersecurity knowledge, an MSS Security Engineer interacts extensively with clients and partners using polite professional etiquette.
Responsibilities
Threat Monitoring
· Manage escalated cases to the Tier-2 queue
· Perform sporadic security incident triage in 24x7 shifts
o Analyze and respond to security events from SIEM, EDR, FWs, IDS, IPS, AV and other security data sources
o Deliver high quality Incident Handling and investigation
· Be the 2nd level of escalation for Tier-1 Security Analysts
· Perform on-call for Threat Monitoring and Security Device Management escalation outside of business hours
Service Improvement
· Perform rule tuning of client SIEMs in operation
· Support the rules factory program in improving the global set of detections
· Validate Go-to-Active and Go-to-Prod gates of our new clients to ensure a smooth transition to operation
· Continuously improve incident templates in terms of content for the clients and in terms of automation to best support the operation
· Support rollout of new sets of rules for MSS clients
· Qualify, analyze and provide recommendations for new standard data source requests
· Support Product teams in building the best new services to fit Operations capabilities (needs, scalability, efficiency)
General Responsibilities
· Take responsibility for customer satisfaction and overall success of managed services
· Be available, ready, and able to accept incoming client calls
· Recommend improvements for Standard Operating Procedures
· Propose enhancements to tools and workflows
· Respond in a timely manner (within documented SLA) to support tickets.
· Document actions in tickets to effectively communicate information internally and to customers
· Adhere to policies, procedures, and security best practices.
· Mentor fellow Security Engineers and Security Analysts.
Profile
The ideal candidate will be passionate about cyber security and providing excellent client satisfaction. She or he will like the “nuts and bolts” of day-to-day tactical execution of MSS operations with an emphasis on providing world-class Managed Services. He or she must be a self-driven, team-oriented, and highly motivated technology professional familiar with Security Operations.
Experience & Background:
· Minimum 2 years’ experience in information security managing and monitoring security devices or educational equivalent
· Excellent client service skills
· Excellent analytical thinking and problem-solving skills
· Oral and written communication skills
· Excellent IT skills (network, protocols, infrastructure)
· Good knowledge of SIEM technologies
· Good knowledge of cyber security threats and tactics
· Good knowledge of Cloud and OT/ICS technologies
· Windows and Unix/Linux operating system experience
· Experience reviewing and analyzing log data
· Experience reviewing and analyzing network packet captures
Languages:
· German native or C1 and a very good level of English (oral and written)
· French is a plus