
SOC Researcher

Work format
remote (Russia only)
Employment type
fulltime
Grade
middle/senior
English
b2
Country
Russia
Vacancy from a Telegram channel -


Job description

SOC Researcher.

Location:
Remote work.
Experience: 3–6 years.
Salary: ₽. Discussed at the interview.
Company: Kaspersky Lab.

Responsibilities:
• Proactively hunt for Indicators of Compromise (IoCs), Indicators of Attack (IoAs), and Advanced Persistent Threat (APT) Tactics, Techniques, and Procedures (TTPs) with a primary focus on endpoint activity and host-based telemetry;
• Analyze endpoint data sources including EDR telemetry, system logs, process activity, file system changes, and memory artifacts to identify signs of malicious behavior and ongoing attacks;
• Leverage host-based forensics and detection techniques to uncover stealthy threats and persistence mechanisms on endpoints;
• Produce detailed incident reports and contribute to post-incident reviews and lessons learned in close collaboration with relevant teams.

Mandatory expertise:
• Practical experience identifying and investigating information security incidents and developing recommendations to prevent similar incidents in the future;
• Understanding of the methods, tools and processes used to respond to information security incidents;
• Experience analyzing network traffic and log files from various sources;
• Knowledge of current threats and vulnerabilities, typical attacks on information systems and the tools used to carry them out, as well as methods for detecting and responding to them;
• Practical experience in forensic artefact analysis (HDD and memory dumps);
• Candidates should possess strong written and oral communication skills.

Desirable expertise:
• Creation, validation and deployment of correlation rules for SIEMs, and of signatures or rules for IDS/IPS/NGAV/NGFW;
• Performing static or dynamic malware analysis and working with the output of malware analysis tools;
• Experience with use-case management frameworks such as MaGMa, MITRE ATT&CK, etc.;
• Knowledge of network protocols, the architectures of modern operating systems and information security technologies;
• Proficiency in Python or PowerShell scripting (for both localized automation and analysis).

#Remote #SOC


Vacancy text reproduced without changes

Source -