Cyber Threat Hunter and SOC Analyst


Salary: Competitive

Location: Porto Salvo, Portugal

Posted: 08 Oct 2019

Main purpose of the role

We are looking for a key element to join our Truphone Cyber Defence Centre (CDC) and help us provide continuous cybersecurity monitoring and leverage Truphone Computer Security and Incident Response Team (CSIRT) effectiveness.

You will report to Truphone CISO and work closely with the security and technology teams in order to develop effective monitoring controls for specific business services and technical stacks. You will have a very close interaction with Truphone security engineers.

You will be expected to analyse events and alerts, classify and triage them accordingly and create reporting KPIs and dashboards in order to monitor the CDC progress and effectiveness.

This is an exciting opportunity to join our Cybersecurity Team in Lisbon and be the first Cyber Threat Hunter and SOC Analyst in the company. You will also be required to participate in several National and International CERT Teams and Groups and help create from scratch the evolution strategy for the CDC.

We are looking for someone who is hands on and has the passion and ambition to protect a fast growing multinational Organization.

Key Responsibilities

  • Advanced Cyber Analytics - Driving the hunting of threats to both Truphone and its Customers;
  • Characterize suspicious activities and be able to identify threats and develop network and host-based IOCs and IOAs;
  • Identify potential malicious activity from memory dumps, logs, and packet captures
  • Perform manual discovery of open source threat intelligence information;
  • Through review and analysis of cyber threats, provide both internal & external parties key information to respond to threats;
  • Participate as part of a close team of technical specialists on coordinated responses and subsequent remediation of security incidents;
  • Monitor and fine-tune Truphone Cyber Defence Technologies (Network Monitoring System, SIEM, Endpoint Security, etc) and respond to alerts; and
  • Work with Truphone technical teams to identify threats, develop or recommend countermeasures, and perform advanced network and host analysis in the event of a compromise.

Skills and experience

  • Entry level: 1 to 3 years of experience;
  • Background on computer engineering or similar;
  • Understanding of key concepts of SIEM, NMS, vulnerability management and endpoint security tools;
  • Expertise in system logging configurations and ELK platforms;
  • Knowledge of phyton and other similar scripting languages;
  • Knowledge of system administration (namely Linux and Microsoft); and
  • Understanding of CSIRT processes and procedures.
Apply now

No agencies. We do not accept CVs from 3rd parties

Apply now

No agencies. We do not accept CVs from 3rd parties