Security Operations Analyst

**About the job Security Operations Analyst**:
Our client is a global medical products and technologies company focused on therapies for the management of chronic conditions, with leading market positions in advanced wound care, ostomy care, continence and critical care, and infusion devices.

As part of our continued development they are building an IT competency centre in Lisbon, and require technically qualified, adaptable and ambitious IT professionals to support their mission to improve lives across the world.

**Role Summary**

Security Analyst Engineer for Lisbon Security Operations function, member of a virtual team providing Security Operations support and as well as project delivery.

Part of virtual team who are responsible for the security engineering within the Security Operations Centre, data analytics and threat intelligence as we maintain and improve our capability to defend against malicious cyber activity and an ever-changing threat landscape.

Interface with other IT towers, Client Stakeholders, 3rd Parties as well as Security Lead and Head of Networks and Security Operations

Supporting a diverse user population across 50+ countries, covering office locations, manufacturing sites and remote users.

Ability to manage small project works independently as well as operating as part of a larger international team for more complex projects.

Technical skillset

Security Operations Analyst supporting Security Lead, 3rd Parties and Infrastructure Teams providing technical expertise and performance oversight in pursuit of protecting the computer systems, data and networks of our client.

**Essential Skill required**
- Experience and technical knowledge of the following:
- SIEM Administration (Splunk, HP ArcSight)
- Vulnerability Management technologies (Tenable.io, Qualys Rapid7)
- Log Management
- Endpoint Protection
- Antivirus (McAfee, Sophos)
- Perimeter Security including Firewalls, WAF, IDS & IPS
- Proxy Services (Zscaler, Bluecoat)
- Domain/DNS Management
- SSL Certificate Management
- DLP (Microsoft DLP, McAfee DLP)
- PAM / IAM (Microsoft, OKTA)
- Knowledge of authentication such as LDAP and MS Active Directory and Kerberos
- Familiarity with IPSEC, GRE, HTTP/HTTPS, DNS protocols
- Familiarity with Microsoft internet services
- Experience with Kill chain (how hackers work)
- Experience using public available internet IP blacklists
- Ability to read operating systems logs
- Wanting to continuously refresh knowledge of threats and Tools techniques and Processes
- Able to interpret and act on Threat intelligence
- Knowledge of SecDevOps
- Knowledge and experience in Pentesting

**Desirable Qualifications & Skills Preferred**
- Professional Qualifications
- SSCP
- Certified Ethical Hacker
- CompTIA Security+
- Splunk Enterprise Certified User

**Duties and Responsibilities**:

- Security Incidents Response
- SIEM Monitoring & Administration
- Vulnerability Management Scanning
- Security Incident Playbooks
- SecDevOps tools management
- Application Security testing
- PenTesting activities
- Privileged Access Management
- eDiscovery
- Zscaler Proxy Support
- Firewall Assurance
- Password Management
- Office 365 Admin Access Process
- IT Business Partner Process
- OKTA Security Support (SAML)
- Phishing / Malware Incident Response
- Whitelisting
- DNS/Domain/Certificate Management
- Risk Register Update
- Provide support for call out and out of hours work.
**Person Profile**
- Excellent communication and interpersonal skills
- General troubleshooting skills to solve issues
- Tenacious problem-solving abilities to see issues through to resolution
- Strong research skills to build information to deliver new projects and solve issues
- Ability to work equally well as part of a team or individually and manage own workload
**Principal Contacts**
- Service desk
- Offshore technical support teams
- Business users
- Senior Management
**Special Factors**
- On call support via rota
- Occasional out of hours working
- Occasional travel to international locations