The international company Diebold Nixdorf – the name for innovative IT solutions. You know our customers from the high street. They are top brands in the banking and entire retail industry, e.g. in food, fashion, fuel, and furniture. We operate internationally, providing high-performance hardware and software, consulting, and global services in more than 130 countries, with approximately 25000 employees.

Sr. Security Analyst (Managed Security Services Operations)

Position Overview

This role will perform data analysis, incident response, investigative analysis, and research on existing and emerging cyber threats in the financial sector. The position focuses on data analytics leveraging your understanding of the tactics, techniques, and procedures employed by advanced threats combined with intelligence from multiple sources. Additionally, you will provide reporting and briefings to customers in order to maintain appropriate levels of situational awareness.

Remote work, work from home.

You are responsible for

Support a 24/7/365 Security Operations Center and monitor security tools
Provide Tier 2 analysis response to security incidents
Respond to cybersecurity events and incidents caused by internal and external threats to our clients, coordinate response activities with various stakeholders, and recommend mitigation strategies
Handle incidents as defined in playbooks and standard operating procedures, and advise on remediation actions
Perform deep-dive incident analysis by correlating data from various sources and determine if a critical system or data set is affected
Identify and design use case algorithms
Assist customers in implementing sound and secure logging practices, deployment of agents and sensors
Leverage advanced knowledge of security operations, cyber security tools, intrusion detection, and secured networks to integrate with the SIEM platform
Triage emerging threats to protect assets and information in client environments.
Partner with cross-functional technical teams to share expertise, research threats, and implement solutions
Present reports and produce communications, newsletters and other forms of communication that may be both internal and client facing, to include leadership and executive management
Draft root cause analysis reports and recommendations after cybersecurity incidents
Identify risk areas that will require vulnerability prevention
Stay current with security technologies and make recommendations for use based on business value

Qualifications

At least 3 years’ experience working with IBM QRadar
At least 2 years’ experience working in a Security Operations Center
At least 2 years’ experience working in Managed Security Services environment
SIEM administration, configuration, and optimization experience with platforms such as AlienVault, IBM QRadar, ArcSight or Splunk
Threat hunting experience
Malware reverse engineering and outbreak management experience
Experience participating in and acting as an escalation point for complex network threat investigations
Linux command line experience
Experience and knowledge of public cloud environments, specifically AWS and Azure
Knowledge of regular expressions and data normalization
Experience configuring, integrating, and monitoring endpoint protection solutions such as Symantec Endpoint Protection, Carbon Black, or CrowdStrike
Understanding of network protocols coupled with experience with web proxies, web application firewalls, and vulnerability assessment tools.
Experience working in a team-oriented, collaborative environment with a high level of analytical and problem-solving abilities
Positive attitude with strong oral and written communication skills
Knowledge of IP networking and network security including Intrusion Detection
Familiarity with common network vulnerability/penetration testing tools
Familiarity with service management software such as SMAX
Some experience with system hardening guidance and tools
Experience on an incident response team performing Tier I/II initial incident triage, desired
Experience supporting clients and serving as a technical advisor
Familiarity with the financial sector is a plus
Ability to anticipate and respond to changing priorities and operate effectively in a dynamic demand-based environment requiring flexibility and responsiveness to client matters and needs

Preferred Qualifications

BS/BA in Information Security, Computer Science or related engineering discipline
Financial services industry experience is a plus

What will you receive:

  • Possibility to travel – You have the possibility to visit clients all over the world
  • Flexible working hours – We trust each other and we do things our way
  • 5 weeks of vacation – We love our work, but we do not live to work
  • Mobile phone and notebook – We offer an unlimited tariff and 3GB of data

And other small things that make our lives more pleasant:

  • MAKRO card – To save on shopping
  • Relaxation zones – When your head is tired
  • Meal vouchers – We are located in the center, a great selection of food is guaranteed
  • Cafeteria bonus scheme – choose the benefit you like
  • Public transport contribution – We contribute to your year-long fare

Position information

Company
Diebold Nixdorf s.r.o.
Address
Siemensova 2717/4, Praha – Stodůlky
Required education: Basic
Required languages: English (Proficient)
Benefits: Bonuses, Cell phone, Notebook, Contributions to the pension / life insurance, Flexible start/end of working hours, Meal tickets / catering allowance, Holidays 5 weeks, Work mostly from home
Listed in: IS/IT: Consultations, analyses, and project management, IS/IT: System and HW administration, Technology and development, IT Security Specialist
Employment form: Full-time work
Contract duration: Permanent
Employment contract: employment contract
Employer type: Employer

Diebold Nixdorf s.r.o., Ivana Pospíšilová