Senior Cyber Intelligence Analyst-Endpoint -EMEA (Remote) GA783

25 Sep | Fortinet | Spain

We are looking for a Tactical Threat Analyst to work in a dynamic and exciting new position reporting to the Security Operations Center Manager. The analyst will work directly with members of a world-class incident response and forensics team. Our team is composed of individuals with strong knowledge of malware hunting and analysis, reverse engineering, multiple scripting languages, forensics and threat actor TTPs. In this customer-facing role the analyst's main objective is to find evil, stop the bad guys and provide superior customer service to our customers globally. In your daily tasks you will review and investigate security events from Fortinet's XDR platform, analyze forensic data and endpoint events, perform malware analysis and reverse engineering, and respond to multiple security incidents. In addition, from time to time the analyst will help to create threat research work products such as blogs and presentations.



  Responsibilities:



- Review incoming security events to perform initial triage of events, primarily from our FortiEDR technology

- Identify and analyze events that appear highly suspicious and notify customers of malware infections

- As needed conduct host-based analysis and forensic functions on Windows, Linux, and Mac OS X systems

- Work on escalated events and help to assist other team members

- Assist in enhancing and tuning Fortinet’s Cloud Services and Automated Incident Response (AIR) system

- Review firewall, web, database, and other log sources to identify evidence and artifacts of malicious and compromised activity

- Leverage our FortiEDR platform to conduct investigations to rapidly detect, analyze and contain security threats

- Perform memory forensics and file analysis as needed

- Monitor FortiGuard Labs data and open-source intelligence outlets to maintain proficiency in latest threat actor tactics and techniques

- Perform reverse engineering of threat actors' malicious tools



  Required Skills:



- Experience with at least one scripting language: Shell, Ruby, Perl, Python, etc.

- Strong knowledge of operating system internals, endpoint security experience and Active Directory a must

- Experienced with EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, WireShark, TCPDump, and open-source forensic tools a plus

- Demonstrate relevant experience as a contributing member of a security operations, threat intelligence or incident response team 

- Experience with malware analysis tools such as IDA Pro, OllyDbg, Immunity Debugger a plus

- Hands-on experience dealing with APT campaigns, attack Tactics, Techniques and Procedures (TTPs), memory injection techniques, static and dynamic malware analysis and malware persistence mechanisms

- Hands-on experience with memory forensics

- Excellent written and verbal communication skills a must

- Reading and writing skills of non-English languages such as Chinese and Russian a plus

- Analysis of Linux and Mac binary files and an understanding of Mac internals is a plus but not required

- Highly motivated, self-driven and able to work both independently and within a team

- Able to work under pressure in time-critical situations, including occasional nights and weekends



Education:



- Bachelor’s Degree in Computer Engineering, Computer Science or related field

- Or extensive experience with incident response and/or forensics

- GCFA, GCIH, GCFE, GREM or any other related GIAC certification a plus

The original posting can be found on Kit Empleo:
https://www.kitempleo.es/empleo/18933932/senior-cyber-intelligence-analyst-endpoint-emea-remote-ga783-espana/?utm_source=html
