Devoteam Alegri GmbH
Location
Bilbao, Vizcaya | Spain
Job description
Expertise to analyse, manage and investigate cyber incidents.
Handle and respond to cyber security incidents to ensure comprehensive and cohesive world class response: First triage activities, Analyze incidents and determine their impacts, Notification and Escalation of incidents according to its impacts, Participate in the containment, eradication, and recovery of major incidents, Document and keep track of every activity related with the incident response process.
Develop a post mortem analysis of systems and networks.
Manage complex cyber security incidents globally across the group. Become part of a world class capability that will own, respond and coordinate significant incidents ensuring successful resolution and adopting lessons learnt to increase the cyber resilience.
Orchestrate the necessary human and technical resources for the resolution of high impact cyber incidents.
Design and supervise an organized approach to address and manage the aftermath of a security breach or cyberattack in order to limit damage on internal systems, data, and networks and reduce recovery time and costs.
Drive continuous improvement in Santander´s cyber response capability through your involvement in the cyber readiness programme across the Global Cyber Respond Team.
Review and coordinate projects related with the development and improvement of Incident Response plans, policies, and procedures ensuring a consistent, professional and disciplined approach.
Participate in the cyber exercises programme to develop capabilities globally:
Design and execute focused development plans for entities and internal teams, addressing gaps in capability through innovative training solutions and cyber exercises, such as:
Live simulation / table top to test processes, such as critical business and technical playbooks.
Technical simulations, such as Cyber Ranges
Skills labs on the use of cyber incident orchestration tools and threat intelligence platforms.
Preparation and final QA of incident reports and minutes oriented to senior management audience.
Contribute to the establishment of a strong and collaborative Global Community between Cyber Threat Units.
Collaborate with key stakeholders within the bank, such as Global Forensics, Global Security Operations Centre, Corporate Security & Intelligence, Global Cyber Fraud, and the Secure User Experience team, among others.
Be available to participate in the incident response procedure in 24x7 basis, 8/hour shifts, and On-Call scheme.
We are looking for a Pentester to join the Purple teamwithin ourInfrastructure, Production & Securitybusiness unit.
The candidate will have four main duties:
1. Analyst
Develop new logs analysis and correlation rules and maintain existing rules and different components of the SIEM alerting GUI (Dashboard, Alerting, etc.)
Create the search algorithm;
Investigation and statistics analysis;
First-level diagnoses of the malicious codes (Sandbox or manually);
Understand new vulnerabilities and their exploitations, advise and follow the remediation with the concerned IT team;
Understand how new cyberattacks can target Natixis IS;
Find relevant IOC sources to feed security monitoring tools;
Create or find patterns to anticipate and detect new attacks;
2. BlueTeam
Test and improve detection alerts and security tools during penetration tests
Advise and help IT on cyber security investigations;
3. Training
Self-training to rise in expertise:
Exploitation of new vulnerabilities.
Methods and tools (survey, training, international conferences, …)
4. RedTeam
Carry out security assessments on the organization's IT infrastructure and web applications.
Deliver and present a report of the findings.
Job tags
Salary
