Job Role Overview
Decskill prioritizes the growth and well-being of our team members, fostering a culture of excellence and investing in their development.
Our collaboration with clients involves implementing and managing IT infrastructures that generate long-term value.
We seek an Information Security Analyst for a hybrid position (Porto) where they will oversee various responsibilities:
Mission 1: Threat Analysis
* The candidate will improve correlation and log analysis rules using Splunk.
* They will master diverse alert investigations linked to Tactics, Techniques, and Procedures.
* Conducting prioritization, investigations, research of compromise, and blocking actions are essential duties.
* The analyst will interpret or perform first-level (Sandbox or manual) minimum scans on malicious codes.
Mission 2: Incident Response
* Effective communication and escalation to upper management in case of confirmed incidents are necessary.
* The information security analyst will be the point of reference for technical investigation during incidents with less senior team members.
* Performing retro hunting is required to determine the cause of the incident, the mode of operation of the attack (vulnerabilities use, tactics, techniques, procedures), the scope, and the perimeter of compromise.
Mission 3: Knowledge Transfer
* The role involves transferring in-house knowledge and writing documentation.
* Supporting the up-skilling of less senior analysts is also required.
Required Skills and Qualifications
* SIEM/SOAR skills are necessary, including knowledge of operating principles and experience with Splunk and Regex search syntax.
* Experience with TheHive is also beneficial.
Desirable Skills
* Knowledge of network and system architectures is preferred.
* Understanding of intrusion detection probes and event log correlation tools is desired.
Security Expertise
* A good understanding of Mitre Attack framework and countermeasures linked to technologies and tactics is essential.
* Familiarity with information monitoring and analysis tools and methods is also required.
* Good knowledge of security standards for different technologies is necessary.
* A deep understanding of web application vulnerabilities, malware types, obfuscation and persistence techniques, digital investigation/analysis tools, and Sandbox behavioral analysis is highly desirable.