With the objective of supporting its customers at their own pace while respecting their evolution, Telindus has adapted its wide range of solutions and services to each type of customer, thus meeting the specific expectations of each of them. One example is the Security Operations Center (SOC).
The SOC enables Telindus Luxembourg customers to meet their main objective: guaranteeing the continuity of their business activities by adapting as well as possible and as quickly as possible to the constraints and risks linked to the hyperconnectivity of their information systems and to their sectors of activity.
In order to improve the security and compliance levels of these information systems, Telindus Luxembourg mainly offers these customers:
- Increased threat monitoring,
- A reaction force in the face of security incidents and,
- Real-time management and analysis of events.
For its SOC, Telindus Luxembourg is looking for a security analyst. The newly hired person will join our morning, afternoon and night teams (rotation, 7 days a week, 5x8).
- Report and process alerts from the SIEM
- Analyze audit events (logs) and propose improvements to existing detection rules
- Study new threats and propose a new detection model (threat monitoring)
- Study false positives and propose corrections
- Analyze and deal with security incidents according to internal procedures
- Configure and maintain the SIEM and all the equipment in the audit event collection chain (dashboards, detection rules, sources, normalization, filtering, archiving, etc.)
- Write monthly reports for clients
- Study the new systems to be integrated into the SIEM (new clients) and write specifications
- Participate in the continuous improvement of SOC procedures and its operating organization
- Participate in the development of the SOC (new service, ...)
- Participate in customer pre-sales meetings as an expert
- Education level: BAC +3 or more
- You have initial experience as a system administrator (Linux and Windows)
- You have knowledge of script development (PowerShell, Python, ...)
- You have initial experience with similar environments such as ELK, Splunk, QRadar, RSA or ArcSight
- The following certifications are an advantage: SANS (GSEC, GCIA, GMON, GCDA ...), CISSP, CCNA
- Stress resistance
- Great ease in oral communication (client presentations ...)
- Very good knowledge of the concepts of securing an information system
- You are willing to work according to a schedule in order to maintain a 24/24 - 7/7 service
- Languages: French and English. Luxembourgish and German are an advantage