Job Description
In this role, you will be responsible for meeting and exceeding customer service level expectations by conducting security event monitoring, incident triage, event and correlation analysis, recommending mitigation, and monitoring incident workflows through to closure.
We are looking for team members to support our customer in Stockholm, Sweden, reporting to the Service Delivery Manager. You need to be fluent in Swedish and English with the flexibility to travel between different end user locations.
KEY RESPONSIBILITIES:
- Implementation of the Splunk ES tool for enabling 24x7 security event monitoring.
- Monitoring of events across the customer workplace environment from various sources such as antivirus, proxy, firewall, workstations, and servers collected into the Splunk ES (SIEM) tool.
- Analysis and correlation of the events together with threat intelligence sources to identify threats to the environment.
- Analysis and triaging of alerts raised in the SIEM to identify possible business impact, with security incidents created in the Marval ticketing tool.
- Analyse the security incidents in the queue based on priority.
- Review each incident and identify its impact using the available inputs and collaboration with the service towers.
- Re-assign the priority based on the identified business impact.
- Conduct initial investigation using logs from related security tools such as antivirus, vulnerability scanner, and intrusion prevention.
- Identify the required stakeholders for communication and remediation.
- Monitor the ticket workflow based on the agreed remediation measures.
MINIMUM REQUIREMENTS:
- Experience in the security incident management process and reporting.
- Experience in information security monitoring using a SIEM tool and managing (creating or updating) tickets within a service management/ticketing tool.
- Ability to conduct first-level incident investigation using alerts and correlations within a SIEM tool.
- Fluent verbal and written skills in Swedish and English.
- Hands-on experience with any SIEM tool, any antivirus tool, and any vulnerability management (VM) tool.
Good to have:
- CISSP, CEH, ACSA certifications.
- Experience in managing and troubleshooting remote log collectors.
- Creating new correlation rules and channels on demand.
- Creating report templates and dashboards based on new business requirements.
- Experience in Qualys VM, Splunk ES, and the Marval SM tool.