Role Description:
The Senior IT Security Analyst / IT Security Lead is an individual contributor position within the company's global Threat Hunting Team. We are seeking a skilled and motivated Threat Hunting Specialist to join this global team. In this role, you will play a critical part in proactively identifying and mitigating advanced threats across the organization.
Leveraging CA&RR (Compromise Assessment & Rapid Response), an advanced persistent threat scanner, and other cyber security tools, you will support the company's threat hunting operations through proactive identification of threats. The role also includes conducting digital investigations, analyzing security incidents, mitigating cyber risk and providing incident response recommendations.
You will be responsible for scan management, evidence acquisition, and the analysis of malware files, data breaches and unauthorized access using CA&RR and other cyber security tools. You will also contribute actively to incident investigations and cooperate with the global CSIRT (Computer Security Incident Response Team), CTI (Cyber Threat Intelligence) and SOC (Security Operations Center) teams. Where follow-up activities and collection of evidence are needed, you will be responsible for coordinating the work of the different cross-functional teams involved.
Key Accountabilities & Responsibilities:
o scan management for the Compromise Assessment and Rapid Response (CA&RR) tool for various internal customers in the ERGO group
o analysis of findings in the CA&RR tools (e.g. detecting backdoors, attacker tooling, system misconfigurations, forensic artifacts or malicious activity)
o development of rapid response playbooks
o analysis of malware files
o creation of custom YARA and Sigma rules
o performing threat hunting iterations based on feeds delivered by the CTI Team and on research into recent campaigns, using EDR, the APT scanner and other security tools
o definition of threat remediation strategies for various internal customers in the ERGO group
o development and refinement of hypotheses to detect threats
o providing detailed reports on threat hunting iterations against known threat actor groups
o cooperation with technical teams such as the SOC, CTI and CSIRT
Job Description
For internal use only/Internal (C2)
Key Competencies & Skills required
Technical Skills:
o Hands-on experience with hardware/software tools used in incident response, computer forensics and network security assessments
o understanding of Windows internals and Active Directory environments
o knowledge of the Linux environment and Linux forensic skills
o understanding of Microsoft Defender EDR and Microsoft Sentinel environments, and the ability to write KQL queries for threat hunting purposes
o general understanding of computer networking concepts and protocols
o understanding of scripting languages
o strong understanding of the Cyber Kill Chain, the MITRE ATT&CK framework and modern threat actor TTPs
o ability to stay focused, keep calm and work under high stress
o ability to communicate with technical and business stakeholders
o ability to work in a multinational and multicultural environment
o strong teamwork culture with effective collaboration and cross-group partnership
o being an innovator: creative, passionate, independent, and motivated to make a difference and help reduce cyber risk for ERGO Group
Must have:
o Excellent written and verbal communication skills to communicate and collaborate effectively with global teams
o Strong analytical and critical thinking skills to troubleshoot and resolve complex security issues
o A results-oriented, high-energy individual who takes pride in their work
Behavioral Skills:
o Willingness to learn and quickly adapt to changing requirements
o Proactive approach to identifying issues and presenting solutions and options