Threat Hunter - Zurich, Schweiz - Luxoft

Luxoft

Geprüftes Unternehmen

Zurich, Schweiz

vor 3 Wochen

Geschrieben von:

Lena Schneider

beBee Recruiter

Beschreibung

Project Description**:

Your role

Do you have an investigator's mindset, and intuitively know how to uncover malicious activity? Do you have a deep understanding of computer operating systems and the realities of enterprise IT estates? Do you like data? This role is responsible for analyzing and correlating large data sets to uncover novel threats and attach techniques that may be present within our client's environment.

Your team
You will be working for Threat Hunting team, which sits within the Insider Threat function of our client. The team is charged with hunting for unknown and undetected threats, and responding to incidents when they are identified.

Threat hunting analysts are located in our major centers of Zurich, New Jersey, Singapore and Israel, but examine data from our offices all over the world (with some exceptions).

We are refining and building cutting edge capabilities to deliver a world-class Threat Hunting service. You will be based in our Zurich office (or remote within the country).

Responsibilities:

We are looking for a Threat Hunter who:
can query, process and manipulate data in a variety of platforms and formats

- is able to rapidly understand and leverage new technologies
- has incident response experience and understands how EDR tools work behind the user interface
- can interpret structured and unstructured intelligence to determine what is critical for meeting your detection objectives
- has detailed contemporary knowledge of attacker techniques and understands how to identify them in the real world
- has initiative and creative thinking to achieve solutions to complex problems
- able to assist incident response teams with major incidents as required

Skills:

Must have

Your expertise
6+ years' experience with Threat Hunting or Incident Response, which enables you to recognize malicious activity within a sea of noise.
Deep knowledge of digital forensics, computer operating systems and enterprise network infrastructure.
Strong knowledge of malware and exploit desired
Experience with offensive security tools and attack techniques
Competence with one or more programming/query languages experience with Python, PowerShell and SQL is preferred.
A strong understanding of how to make sense of security and forensic data.
Experience working with large data set and tools/technologies such as Spark, PySpark, Pandas, Hadoop, Cloudera, Databricks.
The experience and judgement of an analyst that can clearly explain concepts to a less technical audience, and make wellreasoned arguments for your security recommendations.
Must be a team player and ability to mentor junior colleagues.

Nice to have

A bachelor's degree, preferably within an Information Security related discipline, or equivalent experience.
Experience with Cloud environments, preferably Azure.

Languages:

English:
C1 Advanced

Seniority:

Senior

Relocation package:

If needed, we can help you with relocation process.

Vacancy Specialization

Information Security

Ref Number

VR-92732