Security Operations Engineer

Company: Kudelski Security

Location: Madrid

Job details

Job Description

Stimulating. Motivating. Challenging. Leveraging its long-standing expertise in securing digital content as well as fighting piracy, Kudelski Security, a division of the Kudelski Group, is a provider of cybersecurity solutions and services focused on protecting data, processes, and systems for companies and organizations around the world, safeguarding their assets at a time of increasingly remote communications.

Location: Madrid, Spain

Mission

As part of Kudelski Security's Managed Detection and Response (MDR) department, the Cyber Security Operations Engineer is responsible for delivering to our clients a customized MDR services experience that complements its standard service offering. He will be the privileged liaison between the client and the Cyber Fusion Center for all security operations matters. He will be interacting intensively within the Cyber Fusion Center and with the client staff.

Responsibilities

Threat Monitoring

Be the main point of contact of the Cyber Fusion Center at the client's side.
Support standard Cyber Fusion Center activities such as threat monitoring, security service management, endpoint detection and response, and vulnerability scanning services.
Investigate/remediate incidents escalated by the Cyber Fusion Center or Client's internal units.
Write specific incident response playbooks for the Client.
Define, test, deploy or perform specific use cases and correlation rules, threat hunting activities and threat intelligence activities for the client.
Support large scale incident response activities.

Service Improvement

Perform rule tuning of the client SIEM in operation.
Support the rules factory program in improving the global set of detections.
Qualify, analyze, and provide recommendations for new standard data source requests.
Support Product teams to build the best new services to fit with Operations capabilities.
Contribute to client's security projects.
Implement new tools or scripts to increase security operations' efficiency.

General Responsibilities

Take responsibility for customer satisfaction and overall success of managed services.
Recommend improvements for Standard Operating Procedures.
Propose enhancements on tools and workflow.
Document actions in tickets to effectively communicate information internally and to customers.
Adhere to policies, procedures, and security best practices.

Requirements / Profile

You have:

Minimum 3 years' experience in information security, particularly in cyber operations.
Excellent client service skills.
Knowledge of incident response processes (detection, triage, incident analysis, remediation, and reporting).
Experience with one or more of the following technologies: EDR/NGAV, SIEM (Splunk), Vulnerability Scanning, Managed Attacker Deception, SOAR.
Experience reviewing and analyzing log data and network packet captures.
Strong knowledge of Windows/Linux OS, network protocols, and scripting languages.
Good knowledge of Cloud and OT/ICS technologies.
An excellent knowledge of the security landscape and different security visibility solutions (SIEM based visibility vs EDR).

These would be a plus:

Technical certifications on vendors' products, Splunk.
Any other languages are an asset.

You are:

A team player who is willing to work closely with our internal stakeholders to help them optimize their deliveries.
Transparent, and able to share/take constructive feedback to help us aim at the greater good.
At ease with solving complex problems by seeking end-to-end and scalable solutions.
Dynamic, with strong interpersonal and communication skills.
Able to handle and prioritize parallel tasks with multiple interfaces.
Autonomous, self-taught, and willing to continuously develop new skills and knowledge.
Fluent in English.

Join us and be part of a rapidly growing company with locations in Switzerland and the United States, which leverages its unique history of innovation and engineering with a pragmatic view of client security, to adopt a different approach to cybersecurity and help change the security paradigm.

When you join us, you'll be part of an industry leader that has a tremendous impact on how our clients approach Cybersecurity strategy. If you love the challenge as much as the rewards and are ready to take your career to the next level, apply today.

Reference: 14915
Publication Date: 03-09-2024


Source: Whatjobs_Ppc
