Skip directly to search

Skip directly to content

 

Bogota

Senior Security Analyst

Infrastructure
 
 

Responsibilities

  • Detect and respond to malicious behavior on cloud systems, SaaS, workstations, servers, and networks
  • Optimizes threat detection products for data loss prevention (DLP), security information and event management (SIEM), advanced email protection, endpoint detection and response (EDR), antivirus, cloud security products, intrusion detection systems, and other industry standard security technologies
  • Review and respond to escalated security events
  • Proactively hunting threats within our environment
  • Write detection signatures, tune systems / tools, develop automation scripts and correlation rules
  • Maintain knowledge of adversary tactics, techniques, and procedures (TTP)
  • Conduct forensic analysis on systems and engage third-party resources as required
  • Provide timely and relevant updates to appropriate stakeholders and decision makers

 

Qualifications and Experience

  • 2+ years of relevant security experience
  • Bachelor’s in Computer Science, Information Security, Business, Management, Information Technology, or related field
  • Hands-on experience in the detection, response, mitigation, and/or reporting of cyberthreats affecting networks, computer intrusion detection, analysis, and incident response
  • Experience in forensics, malware analysis, threat intelligence
  • Ability to understand, modify and create threat detection rules within a SIEM (Splunk, Sentinel, IBM QRadar)
  • Knowledge and experience with Windows, Linux operating systems, Networks, and Cloud Technologies
  • Experience using Python, Perl, PowerShell, or an equivalent language
  • Experience with network forensics and associated toolsets and analysis techniques
  • Experience with host-based detection and prevention suites (Crowdstrike, Palo Alto, Splunk, Microsoft SCEP, Carbon Black Response, OSSEC, Microsoft Defender, Microsoft Azure Security Center, Azure Sentinel, etc.)
  • The ability to reverse engineer malware is a plus
  • Understanding of log collection and aggregation techniques, Elasticsearch, Logstash, Kibana (ELK), Syslog-NG, Windows Event Forwarding (WEF), etc.
  • Ability to correlate data from multiple data sources to create a more accurate picture of cyberthreats and vulnerabilities
  • Certifications including but not limited to: Azure Security Engineer, CEH – Certified Ethical Hacker, Comptia Security+, CISSP, BTL1, BTL2, CASP, CysA
  • Experience working with cloud technologies (AWS, Azure, SaaS, etc.)

We are listening

How would you rate your experience with Endava so far?

We would appreciate talking to you about your feedback. Could you share with us your contact details?