Security Analyst

Who we are

By joining our project, you will be working on an initiative of the European Commission focused on creating a more efficient, modern and secure customs environment within the European Union. Being part of this initiative set on a 5 years' timeline, you will have the opportunity to work on topics such as digitalization of customs processes, streamlining customs procedures to facilitate trade and reduce costs, harmonization of customs rules across all EU member states and combating fraud.

This purposeful project will not only give you the opportunity to have an impact on one of the key topics within the European Union, it will also offer you various professional opportunities, let you experience a collaborative environment, using cutting-edge technologies and experiencing diversity in your everyday professional life.

What you'll be doing

• Working primarily with information security technologies and processes 
• Assisting engineers in solution designs in relation with various aspects of information security technologies, processes, and requirements 
• Conducting monitoring, operations, and control tasks regarding Security Operations Center (SOC) activities 
• Performing incident management activities  
• Performing vulnerability testing, risk analyses and security assessments 
• Investigating threats, conducting forensic investigations, and mounting incident responses, triage security alerts, incidents 
• Developing automation processes to handle SOC and CSIRT related activities 
• Researching, planning, and designing robust security architectures for various IT infrastructures based on internationally recognized standards and best security practices 
• Assisting of technical experts within operational teams 
• Delivering technical reports and formal advisory papers on SOC/CSIRT and forensics activities 
• Contributing to security best practices, ISO or NIST compliance and new security standards
• Assistsing in security training and awareness activities 
• Attending conferences and trainings as required to maintain proficiency 
• Contributing to further developing of the Cybersecurity department 

What you'll bring along

• Master's or Bachelor's degree in related fields, preferably Engineering, Computer Science, Mathematics areas
• Minimum 5-10 years of experience in a similar role
• Proven track record of security activities, like investigations, forensics, and incident response 
• In depth knowledge of processes, research, and performance analysis capabilities 
• Negotiation capabilities and problem-solving mindset 
• Understanding the IT service industry as well as the relevant marketplace 
• Effectively drive service development and contribute to development processes 
• Effectively cope with change; comfortably adjust to alterations in work activities; able to decide and act with limited information; effectively handle risk and uncertainty in ambiguous situations 
• Demonstrated resilience, diplomacy, influence, relationship building, and problem-solving skills in a variety of situations 
• Collaborative attitude and able to serve as a liaison to different businesses and interface with fellow team members and colleagues on other security teams, Customer oriented behaviour 
• Highly effective written and oral communication skills, excellent interpersonal skills and experience dealing effectively with people having different background 
• Fluency in Business English is required, German is an advantage 
• Fast learner - research capabilities for obtaining required information 
• Proven experience in the following: Incident Response (Threat Hunting, Malware Analysis, Forensics, Incident Handling); Be hands on familiar with IR toolsets and investigation techniques on both Windows and GNU/Linux Operating Systems;In-depth knowledge of operating systems – Windows & Linux, firewalls, HIDS/HIPS & IDS/IPS; Strong understanding of computer networks, strong understanding of TCP/IP, DNS, network routing/switching, and network best practices for complex environments; Knowledge and experience with proactive threat hunting techniques and procedures; Experience in monitoring networks and/or alarms, in enhancing detection and monitoring platform and incident response processes, ability in set up the strategy for containment, remediation and recovery  
• Experience with enterprise level EDR and SIEM platforms: Experience in detection platforms, endpoint data and network equipment, in generating incident timeline, in gathering evidence from affected systems; Skills in security forensics activities, malware reverse engineering and cryptanalysis; Experience with OSINT and threat intelligence gathering methods; Skills in scripting and programming languages 
• In-depth technical knowledge within following security areas is an advantage: SIEM, SOAR and vulnerability assessments tools and solutions; Experience in implementing security solutions, vulnerability testing, risk; Security Threat Intelligence, Attribution and Hunting activities 
• CEH, SANS, OSCP, CompTIA or similar certifications represent a big plus 
• Availability for collaborate socially and technically within international teams
• Excellent command of both spoken and written English