Professionals at Ackcent Cybersecurity have a common goal: to improve the security of our customers, protect their assets from cyber threats, and provide high-quality service through communication and care for our customers. In this position, you will be part of our SOC Team in charge of the security threat monitoring and incident handling; you will be helping to secure and defend our clients’ assets.
We are looking for professionals with experience in cybersecurity and a broad and deep understanding of Networks, Security Architecture, and Security Monitoring Tools. As a key member of the Ackcent team, you will be in charge of handling security threats and incidents, improving and maintaining tools and procedures, and conducting forensics and malware analysis for further mitigation and threat containment. As a senior position, you will be able to train and support other junior team members and be involved alongside other Ackcent departments in different initiatives and decisions regarding internal and external Security Services.
- Analyzing and verifying security threat monitoring alerts to produce incident identification, classification, and prioritization.
- Creating, improving, and maintaining security monitoring alerts based on correlation of different sources of data.
- Operating and maintaining various IDS/IPS, working closely with security/network architects to take security monitoring and defenses to the next level.
- Leading the response to security incidents and investigations, working closely with customers and IT providers, following SLA requirements.
- Conducting forensics/malware analysis to extract indicators of compromise for further mitigation and containment, evaluating incident scope and impact.
- Reporting to the SOC Manager and the involved customer CISO/CIO.
- Advising and training junior team members.
- Proactively monitoring the cyber threat landscape by researching and studying the latest security threats and vulnerabilities to ensure operational tools and processes are up to date.
- Ensuring contractual obligations are met, and SLAs are met or exceeded.
- Managing priorities, deadlines, and deliverables.
- Managing and creating improvements and procedures for SOC tools and operations.
- Computer/Telecommunications Engineering degree or a related discipline.
- More than 3 years of relevant experience in the field of information security.
- Experience working in a Security Operations Centre (SOC) environment.
- Strong technical understanding of network fundamentals and common Internet protocols.
- Knowledge of system administration and security architecture.
- Knowledge of the main security monitoring tools (FW, IDS/IPS, HIDS, WAF, SIEM).
- Experience or proven knowledge of at least one IDS technology.
- Scripting in Bash, Python, or PowerShell.
- Fluent in English (written and spoken).
- Self-motivated with the ability to work independently and as a team member in a challenging environment.
- Proficient in understanding Operating Systems and their architectures: Windows, Unix/Linux, and OSX Operating Systems.
- Windows server administration knowledge.
- Good understanding of the cyber security landscape: cyber kill chain, TTPs, threat intelligence, and malware distribution networks.
- Good understanding of information security concepts: defense in depth, BYOD management, data loss prevention, risk assessment, and security metrics.
- Three or more years working in a Security Operations Center (SOC) environment.
- Strong analytical and problem-solving skills.
- Strong communication, presentation, and leadership skills, along with the ability to work in a highly collaborative environment.
- Exhibits initiative, follow-up, and follow-through on commitments.
- Manages multiple priorities in a high-pressure environment.
- Experience working with AWS or Azure infrastructure.
- Previous experience with malware reverse engineering.
- Related Certification (GCIH, GCFA, GCFE, GREM, CISSP) is a plus.