Cyber Threat Defense Operations Analyst
Prague, CZ
před 27 dny

Cyber Threat Defense Operations Analyst Job

Apply for Job

Enter your email to apply Requisition ID : COM000652

MSD is a global health care leader with a diversified portfolio of prescription medicines, vaccines and animal health products.

The difference between potential and achievement lies in the spark that fuels innovation and inventiveness; this is the space where MSD has codified its 125-

year legacy. MSD’s success is backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare.

MSD’s Information Technology division partners with colleagues across the business to help serve our patients and customers around the world.

Ours is a high-energy team of dynamic, innovative individuals dedicated to advancing MSD’s contribution to global medical innovation by leveraging information and technology to efficiently advance the business by driving revenue and productivity.

Key Responsibilities :

  • Develops use cases and create threat detection logic, rules, and alerting in SIEM for response by IR analysts
  • Works with Threat Architects to identify and recommend new internal and external data sources to develop additional threat detection logic
  • Analyzes threat information gathered from logs, Intrusion Detection Systems (IDS), intelligence reports, vendor sites, and a variety of other sources and recommends rules and other process changes to protect against the same
  • Operationalizes Indicator of Compromise from intelligence feeds by developing, testing, and deploying monitoring and alerting rules into SIEM
  • Qualifications

  • BA / BS or MA / MS in Engineering, Computer Science, Information Security, or Information Systems
  • Experience in one or more of the following areas : proactive and reactive hunt techniques, zero-day exploit activities, malware identification
  • Expert knowledge of network monitoring and network exploitation techniques
  • Experience with common attack vectors, including advanced adversaries (nation state / financial motivation)
  • Knowledge around common web application attacks including SQL injection, cross-site scripting, invalid inputs and forceful browsing
  • Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation and to learn and adapt quickly
  • Ability to learn and operate in a dynamic environment
  • Knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB
  • Strong written communication skills
  • Required certifications include, Security+, CEH, GCIA, GCIH, CISSP or similar
  • Experience working with cyber security tools and software such as Splunk, Symantec End Point, TrendMicro Antivirus, McAfee Web Gateway, Checkpoint Firewalls, Bluecoat, Sourcefire, Active Directory, or relevant cyber security assets
  • Nice to have :

  • Experience with scripting or programming, including Perl, Python, C, C++, C#, Java, Bash / Shell, or Batch is a plus
  • Experience developing detection logic for enterprise SIEM systems
  • Experience with exploitation techniques and use case development
  • Experience with IOC datasets (e.g., YARA, OpenIOC)
  • Your role at MSD is integral to helping the world meet new breakthroughs that affect generations to come, and we’re counting on your skills and inventiveness to help make meaningful contributions to global medical advancement.

    At MSD, we’re inventing for life.

    Můj e-mail
    Kliknutím na "Pokračovat", souhlasíte s tím, že neuvoo sbírá a zpracovává vaše osobní údaje, které jste poskytli v tomto formuláři, aby vytvořili neuvoo účet a přihlásili vás k odběru emailových upozornění v souladu s naší Ochranou Osobních Údajů . Váš souhlas můžete vzít kdekoliv zpět, následováním těchto kroků .