Security Analyst – Security Operations
Sylvamo
Madrid, Spain
6 days ago
Source: Just Join IT

Risk Management (master)

Cybersecurity (master)

Sylvamo

We are the world’s paper company, producing a family of trusted brands that honor our shared ecosystem and enable the connections that only paper can provide.

The future of paper deserves a company committed to the success of the entire ecosystem. Our purpose is to produce the paper the world relies on in the most responsible and sustainable ways.

Why is this job for You

The Cyber Security Analyst position is part of the Global Information Security organization. The Incident Response & Vulnerability Management Specialist will be responsible for monitoring enterprise networks and systems, detecting events, and reporting on threats that are directed against those systems.

The Incident Response & Vulnerability Management Specialist will collaborate with global teams to assist with efficient triage and remediation of events in the incident queue.

Additionally, the specialist will work with investigative groups such as Legal, Internal Audit, and others to provide guidance and support for investigation, forensics, and e-Discovery requests.

The Cyber Security Analyst will provide Sylvamo with a fully comprehensive array of analytical activities in support of external threat monitoring, detection, event analysis, and incident reporting efforts, including analysis of inbound and outbound internet traffic, suspicious e-mail messages, and cloud security logs.

You will

  • Lead detailed investigations and analysis of security-related findings, including those escalated from the SOC (Security Operations Center).
  • Act as incident commander and drive security incidents to closure, coordinating task forces made up of various teams across the organization to ensure comprehensive mitigation.
  • Support forensics analysis and e-Discovery requests for legal and associated investigations.
  • Communicate and document incident response activities in an authoritative and actionable manner.
  • Perform root cause analysis, lessons learned activities, and create action plans that will prevent or mitigate against future incidents.
  • Develop and maintain playbooks and monitoring use cases.
  • Participate in on-call rotation.
  • Support complex computer network exploitation and defense techniques.
  • Provide technical support for continuous monitoring, computer exploitation, and reconnaissance.
  • Research and maintain proficiency in open and closed source computer exploitation TTPs.
  • Provide external threat monitoring, detection, event analysis.
  • Provide analysis of inbound and outbound internet traffic, suspicious e-mail messages, and cloud security logs.
  • Lead the review of security vulnerabilities across a variety of technologies and environments to determine high risk vulnerabilities to business assets.
  • Lead meetings with business partners to ensure remediation efforts adhere to corporate standards and policies.
  • Provide expert-level analysis and validation of remediation actions taken, opportunities for improvement, and out-of-the-box thinking for optimizations and solving roadblocks.
  • Identify attack surface reduction opportunities via vulnerability data analysis, trends and asset metadata review as well as collaboration with threat intelligence and technology management.
  • Create reports and dashboards to support cyber security metrics.
  • Manage, maintain and support Sylvamo’s Vulnerability Management technologies and services (end-to-end).
You have

  • Bachelor’s Degree in Information Technology, Information Security / Assurance, Computer Science, Engineering, or related field of study, or any combination of relevant equivalent experience, education and training
  • 7+ years of overall IT work experience
  • 4+ years in an Information Security Role
  • Proven leadership skills with the ability to manage conflict, deal with ambiguity, negotiate and make timely decisions
  • An advanced understanding and practical application experience in threat detection and response as well as Vulnerability Management and security related technologies and services is a must
  • Understanding of a variety of technical concepts such as: networking, systems administration, application development, cloud computing and information security best practices
  • Experience with data analytics with the ability to provide qualitative analysis and recommendations
  • Ability to assess and communicate risk within a business context
  • Strong attention to detail, data accuracy, and data analysis
  • Self-motivation and ability to operate with a high sense of urgency and a high level of integrity
  • Ability to comfortably interface with other internal or external organizations regarding security policy and standards violations, security controls failure and incident response situations
  • Security Certification preferred: CISSP, CISM, GIAC or CISA or similar
  • The IR & Vulnerability Management Specialist preferably has knowledge of or limited experience with the following tools: SIEM, Email / Phishing, Major Cloud Providers (Azure preferred), AV / EDR, Networking Equipment, Endpoint Logging (Windows, Linux), Vulnerability Management, Encase, Cellebrite or other mobile forensics software

We offer

  • Working in a multinational environment with a great atmosphere
  • Private medical care
  • Possibility to self-develop and participate in trainings
  • Sharing the costs of foreign language classes, trainings & courses
  • Pre-paid cards, holiday funds, shopping coupons
  • Integration events, family picnics and charity initiatives
  • Employee referral program
  • and more!