Desired Skills and Experience
- Monitoring security events from multiple data sources, results analysis, and escalation for remediation. The events will originate from, various sources including but are not limited to DLP, IDS/IPS, antivirus, firewalls and system security logs.
- Gathering additional facts necessary for troubleshooting and resolving the issues, creation action plans, implementing them and observing results
- Developing custom security use cases for the monitoring platforms.
- Identify systems misconfigurations and work with customers to correct them
- Monitor external security blogs, articles, reports, as well as other security intelligence sources to aggregate the data and continuously integrate into the SIEMs
- Building new tools and techniques which automated human-intensive tasks
- Interacting directly with the customers and other teams within F-Secure, therefore very good English (written and spoken) is expected.
- Knowledge of networking technology, stacks and protocols (including but not limited to network protocols, routing, switching, typical network design), typical services network flow, operating systems details, vulnerabilities and attacks
- Basic knowledge about networking devices (routers, switches, appliances such as firewall/IDS/IPS)
- Basic Windows / Linux operating system internals knowledge (with security focus)
- Passion for information security
- Very good English skills (spoken and written)
- Good team player
- Attention to details with emphasis on accuracy and quality with structured way of working
- Ability to communicate technical information, often in the form of verbal and visual operational updates, situation reports and briefings.
- Penetration tester history sysadmin or netadmin background
- Basic practical skills in at least one of high level programming language (e.g. C/C++/C#, Java) or scripting language such as Perl, Ruby, PHP, Python, Bash
- Information security, networking technology or operating system related trainings or certificates